| |
| |||||||
Log-Analyse und Auswertung: Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung WerbeseiteWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.01.2016, 16:23
| #1 |
 |  Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite Hallo, Ich habe viel gegoogelt, finde aber leider keine Lösung, deshalb wende ich mich hier an euch. Es popped jede Stunde um xx:10 ein Popup auf, wie soll dieser linktyp http (win8.1) oder seit dem update auf Win10 "wie soll dieses Element geöffnet werden" auf, sieht aus wie das Standardfenster von Windows, um die Dateiendung einem Programm zuzuordnen. Dabei werden mir meine installierten Browser (Chrome, FF und Edge) angeboten. Egal auf was ich klicke erscheint in der Browserzeile kurz ..jmp2.it.. und dann wird eine Seite geöffnet, auf der man den mcafee virenscanner kaufen kann Ich danke schon mal im voraus für eure Hilfe!  |
|
06.01.2016, 17:57
| #2 |
| /// TB-Ausbilder   | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
06.01.2016, 18:15
| #3 |
| | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite 2 teile, da zu lang
__________________Code:
ATTFilter 18:01:29.0063 0x134c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:02:04.0191 0x134c ============================================================
18:02:04.0191 0x134c Current date / time: 2016/01/06 18:02:04.0191
18:02:04.0191 0x134c SystemInfo:
18:02:04.0191 0x134c
18:02:04.0191 0x134c OS Version: 10.0.10586 ServicePack: 0.0
18:02:04.0191 0x134c Product type: Workstation
18:02:04.0191 0x134c ComputerName: BEDA-AIO
18:02:04.0191 0x134c UserName: Peter
18:02:04.0191 0x134c Windows directory: C:\WINDOWS
18:02:04.0191 0x134c System windows directory: C:\WINDOWS
18:02:04.0191 0x134c Running under WOW64
18:02:04.0191 0x134c Processor architecture: Intel x64
18:02:04.0191 0x134c Number of processors: 2
18:02:04.0191 0x134c Page size: 0x1000
18:02:04.0191 0x134c Boot type: Normal boot
18:02:04.0191 0x134c ============================================================
18:02:04.0365 0x134c KLMD registered as C:\WINDOWS\system32\drivers\79473305.sys
18:02:04.0617 0x134c System UUID: {84DA7D67-4B46-E09C-0B48-341BC08BDA0A}
18:02:05.0197 0x134c Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:02:05.0197 0x134c Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:02:05.0214 0x134c ============================================================
18:02:05.0214 0x134c \Device\Harddisk0\DR0:
18:02:05.0214 0x134c MBR partitions:
18:02:05.0214 0x134c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x249ED825
18:02:05.0214 0x134c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x249ED864, BlocksNum 0x249F1725
18:02:05.0214 0x134c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x493DEF89, BlocksNum 0x9FA28877
18:02:05.0214 0x134c \Device\Harddisk1\DR1:
18:02:05.0214 0x134c MBR partitions:
18:02:05.0214 0x134c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1A250170
18:02:05.0214 0x134c ============================================================
18:02:05.0229 0x134c C: <-> \Device\Harddisk1\DR1\Partition1
18:02:05.0260 0x134c D: <-> \Device\Harddisk0\DR0\Partition2
18:02:05.0292 0x134c E: <-> \Device\Harddisk0\DR0\Partition3
18:02:05.0292 0x134c G: <-> \Device\Harddisk0\DR0\Partition1
18:02:05.0292 0x134c ============================================================
18:02:05.0292 0x134c Initialize success
18:02:05.0292 0x134c ============================================================
18:03:17.0084 0x10a8 ============================================================
18:03:17.0084 0x10a8 Scan started
18:03:17.0084 0x10a8 Mode: Manual; SigCheck; TDLFS;
18:03:17.0084 0x10a8 ============================================================
18:03:17.0084 0x10a8 KSN ping started
18:03:19.0533 0x10a8 KSN ping finished: true
18:03:19.0974 0x10a8 ================ Scan system memory ========================
18:03:19.0990 0x10a8 System memory - ok
18:03:19.0990 0x10a8 ================ Scan services =============================
18:03:20.0038 0x10a8 [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
18:03:20.0116 0x10a8 1394ohci - ok
18:03:20.0132 0x10a8 [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
18:03:20.0153 0x10a8 3ware - ok
18:03:20.0174 0x10a8 [ 6B6C39AB2CD7BEB6CFF624522E5449DE, 740D99D2C525FB4F81FB2754281CECEA5FF13DD2120081306728FE33859F28F2 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
18:03:20.0207 0x10a8 ACPI - ok
18:03:20.0217 0x10a8 [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
18:03:20.0237 0x10a8 acpiex - ok
18:03:20.0244 0x10a8 [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
18:03:20.0265 0x10a8 acpipagr - ok
18:03:20.0271 0x10a8 [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
18:03:20.0299 0x10a8 AcpiPmi - ok
18:03:20.0305 0x10a8 [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
18:03:20.0324 0x10a8 acpitime - ok
18:03:20.0351 0x10a8 [ C3E7E1F3C85A6788F3BA078BA214341E, A3D72ACE045730DC1C8A6F4E3937C5C765AB447BF7C573BEC53DE8148EB4A1C8 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:03:20.0366 0x10a8 AdobeFlashPlayerUpdateSvc - ok
18:03:20.0408 0x10a8 [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
18:03:20.0459 0x10a8 ADP80XX - ok
18:03:20.0486 0x10a8 [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD C:\WINDOWS\system32\drivers\afd.sys
18:03:20.0519 0x10a8 AFD - ok
18:03:20.0529 0x10a8 [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
18:03:20.0545 0x10a8 agp440 - ok
18:03:20.0556 0x10a8 [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
18:03:20.0588 0x10a8 ahcache - ok
18:03:20.0595 0x10a8 [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
18:03:20.0616 0x10a8 AJRouter - ok
18:03:20.0624 0x10a8 [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG C:\WINDOWS\System32\alg.exe
18:03:20.0646 0x10a8 ALG - ok
18:03:20.0648 0x10a8 [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
18:03:20.0664 0x10a8 AmdK8 - ok
18:03:20.0679 0x10a8 [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
18:03:20.0695 0x10a8 AmdPPM - ok
18:03:20.0711 0x10a8 [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
18:03:20.0726 0x10a8 amdsata - ok
18:03:20.0726 0x10a8 [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
18:03:20.0759 0x10a8 amdsbs - ok
18:03:20.0759 0x10a8 [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
18:03:20.0774 0x10a8 amdxata - ok
18:03:20.0821 0x10a8 [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
18:03:20.0885 0x10a8 AntiVirMailService - ok
18:03:20.0916 0x10a8 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
18:03:20.0931 0x10a8 AntiVirSchedulerService - ok
18:03:20.0947 0x10a8 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
18:03:20.0979 0x10a8 AntiVirService - ok
18:03:21.0011 0x10a8 [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
18:03:21.0057 0x10a8 AntiVirWebService - ok
18:03:21.0073 0x10a8 [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
18:03:21.0090 0x10a8 AppHostSvc - ok
18:03:21.0105 0x10a8 [ 2BBD3A492B93C7E669D01EE88977D7DE, 311EA890E555E144F4B0DDC3112B2EB5CB848DEA4F33A300942494D8989473E0 ] AppID C:\WINDOWS\system32\drivers\appid.sys
18:03:21.0121 0x10a8 AppID - ok
18:03:21.0121 0x10a8 [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
18:03:21.0152 0x10a8 AppIDSvc - ok
18:03:21.0168 0x10a8 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll
18:03:21.0183 0x10a8 Appinfo - ok
18:03:21.0200 0x10a8 [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:03:21.0200 0x10a8 Apple Mobile Device Service - ok
18:03:21.0216 0x10a8 [ B4AE5296C9597F45E1CFE0B1DBE7739E, C9DCA8EF32720D68119CC23DF4BCD783FFB5F999D14EDCC7937D17C590323B4B ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
18:03:21.0247 0x10a8 AppMgmt - ok
18:03:21.0263 0x10a8 [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
18:03:21.0310 0x10a8 AppReadiness - ok
18:03:21.0357 0x10a8 [ BF58041024FEF96B48F7D691003B4BCB, FAD25702256AA8E668F082E16C2C05FD7FA907DCA88787BF36121D1B073350C9 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
18:03:21.0468 0x10a8 AppXSvc - ok
18:03:21.0483 0x10a8 [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
18:03:21.0499 0x10a8 arcsas - ok
18:03:21.0499 0x10a8 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
18:03:21.0531 0x10a8 AsyncMac - ok
18:03:21.0531 0x10a8 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
18:03:21.0547 0x10a8 atapi - ok
18:03:21.0562 0x10a8 [ 890BF20BDF500E4E84720EA84448EDDF, EF5EECA20FFB6B78277CE551877479DB79E91DB23B46530C1D0E746F0F51FBBF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:03:21.0594 0x10a8 AudioEndpointBuilder - ok
18:03:21.0625 0x10a8 [ FAC1E762CB49992381691B00D2069B3E, 9973814BB259A370E6A17EDFB785CED9C634721E6D6FE069667B669AE60EB5F6 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
18:03:21.0688 0x10a8 Audiosrv - ok
18:03:21.0688 0x10a8 [ CF233C89DEFF6BCA1F65BE3DA0C1A306, B718A59CFC0E3A9ED4E8C690390F54C96828C5A4C2790C2E98075DB4484240D6 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
18:03:21.0704 0x10a8 avgntflt - ok
18:03:21.0723 0x10a8 [ 4764D299855174D6B5C7DA853B490029, 6E2C8E25DC3C38EEAAA1221E515AC06C2EDC0A71CF2F7762E8DFCC55938D59B3 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
18:03:21.0723 0x10a8 avipbb - ok
18:03:21.0738 0x10a8 [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
18:03:21.0755 0x10a8 Avira.ServiceHost - ok
18:03:21.0755 0x10a8 [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
18:03:21.0771 0x10a8 avkmgr - ok
18:03:21.0771 0x10a8 [ E477AF94ACCCF99A0E56D71D450DCCCB, C97756A4E82EC7EF8268967B10DEBAAEDB746B2846CA2BFD68E1B7DBBAE7901A ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
18:03:21.0786 0x10a8 avnetflt - ok
18:03:21.0802 0x10a8 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
18:03:21.0817 0x10a8 AxInstSV - ok
18:03:21.0833 0x10a8 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
18:03:21.0865 0x10a8 b06bdrv - ok
18:03:21.0881 0x10a8 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:03:21.0897 0x10a8 BasicDisplay - ok
18:03:21.0912 0x10a8 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
18:03:21.0928 0x10a8 BasicRender - ok
18:03:21.0928 0x10a8 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
18:03:21.0943 0x10a8 bcmfn - ok
18:03:21.0959 0x10a8 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
18:03:21.0976 0x10a8 bcmfn2 - ok
18:03:21.0976 0x10a8 [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
18:03:22.0023 0x10a8 BDESVC - ok
18:03:22.0023 0x10a8 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:03:22.0038 0x10a8 Beep - ok
18:03:22.0069 0x10a8 [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE C:\WINDOWS\System32\bfe.dll
18:03:22.0117 0x10a8 BFE - ok
18:03:22.0133 0x10a8 [ 7C33A7BF2513F9CCD2897E9CB2BD6313, 00742E38928267DB93650BB9D1776D3700A4A57D998A27F0644A079F9DC28D29 ] BioNTDrv C:\Program Files (x86)\Paragon Software\Backup and Recovery 12 Home\program\BioNTDrv.SYS
18:03:22.0133 0x10a8 BioNTDrv - ok
18:03:22.0164 0x10a8 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll
18:03:22.0228 0x10a8 BITS - ok
18:03:22.0259 0x10a8 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:03:22.0275 0x10a8 Bonjour Service - ok
18:03:22.0275 0x10a8 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
18:03:22.0306 0x10a8 bowser - ok
18:03:22.0322 0x10a8 [ 62C0D7CD771F26198F76F56B81D8A5B5, 3505DA8B68486D393BF7DCE5F463EA7F88387E6F06BC8175F3514BD6AFE25C37 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:03:22.0354 0x10a8 BrokerInfrastructure - ok
18:03:22.0369 0x10a8 [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser C:\WINDOWS\System32\browser.dll
18:03:22.0385 0x10a8 Browser - ok
18:03:22.0401 0x10a8 [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:03:22.0417 0x10a8 BthAvrcpTg - ok
18:03:22.0417 0x10a8 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
18:03:22.0448 0x10a8 BthHFEnum - ok
18:03:22.0448 0x10a8 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
18:03:22.0464 0x10a8 bthhfhid - ok
18:03:22.0480 0x10a8 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
18:03:22.0511 0x10a8 BthHFSrv - ok
18:03:22.0511 0x10a8 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
18:03:22.0528 0x10a8 BTHMODEM - ok
18:03:22.0543 0x10a8 [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv C:\WINDOWS\system32\bthserv.dll
18:03:22.0559 0x10a8 bthserv - ok
18:03:22.0574 0x10a8 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
18:03:22.0590 0x10a8 buttonconverter - ok
18:03:22.0606 0x10a8 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
18:03:22.0638 0x10a8 CapImg - ok
18:03:22.0638 0x10a8 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:03:22.0669 0x10a8 cdfs - ok
18:03:22.0685 0x10a8 [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
18:03:22.0716 0x10a8 CDPSvc - ok
18:03:22.0716 0x10a8 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
18:03:22.0751 0x10a8 cdrom - ok
18:03:22.0761 0x10a8 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\WINDOWS\System32\certprop.dll
18:03:22.0788 0x10a8 CertPropSvc - ok
18:03:22.0789 0x10a8 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\WINDOWS\System32\drivers\circlass.sys
18:03:22.0804 0x10a8 circlass - ok
18:03:22.0820 0x10a8 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
18:03:22.0851 0x10a8 CLFS - ok
18:03:22.0929 0x10a8 [ 7A36AD856A17AFB1EBAAD3C5BF1362A1, 9779501A2B733B6F2855E421115C0123AC3A67715E7E7C85ACED58939DC0883D ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
18:03:23.0009 0x10a8 ClickToRunSvc - ok
18:03:23.0040 0x10a8 [ BE10905777246CA6AA74F48FE9236517, D51B13FB176D82665C91B59B3C6E229CE746E20ED1BB20DADF6184C7A29E69AF ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
18:03:23.0071 0x10a8 ClipSVC - ok
18:03:23.0087 0x10a8 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
18:03:23.0102 0x10a8 CmBatt - ok
18:03:23.0135 0x10a8 [ 80977779A19947939D680A4899E829EC, 6D510B1EFA39D79D0A8B3CD4F00937A4DDC1411664B001D4ABC546C98345F630 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
18:03:23.0166 0x10a8 CNG - ok
18:03:23.0166 0x10a8 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
18:03:23.0181 0x10a8 cnghwassist - ok
18:03:23.0213 0x10a8 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
18:03:23.0228 0x10a8 CompositeBus - ok
18:03:23.0228 0x10a8 COMSysApp - ok
18:03:23.0244 0x10a8 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
18:03:23.0260 0x10a8 condrv - ok
18:03:23.0275 0x10a8 [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
18:03:23.0323 0x10a8 CoreMessagingRegistrar - ok
18:03:23.0339 0x10a8 [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
18:03:23.0354 0x10a8 CryptSvc - ok
18:03:23.0372 0x10a8 [ 5D578EAAFB6FD4F59523E5878B541296, 73573124787B79179880AFAF9CB8427237A1605A9F13D7783228DE24D18963C0 ] CSC C:\WINDOWS\system32\drivers\csc.sys
18:03:23.0412 0x10a8 CSC - ok
18:03:23.0444 0x10a8 [ 5F07CCEE514894C9474AEDCA50B6C2C7, 38F54897C91A2E7D80D00852CEB173B26E822D7C68F35D31228245F811E028A8 ] CscService C:\WINDOWS\System32\cscsvc.dll
18:03:23.0479 0x10a8 CscService - ok
18:03:23.0491 0x10a8 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\WINDOWS\system32\drivers\dam.sys
18:03:23.0510 0x10a8 dam - ok
18:03:23.0539 0x10a8 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:03:23.0586 0x10a8 DcomLaunch - ok
18:03:23.0602 0x10a8 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
18:03:23.0633 0x10a8 DcpSvc - ok
18:03:23.0650 0x10a8 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
18:03:23.0681 0x1340 Object required for P2P: [ C3E7E1F3C85A6788F3BA078BA214341E ] AdobeFlashPlayerUpdateSvc
18:03:23.0696 0x10a8 defragsvc - ok
18:03:23.0712 0x10a8 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:03:23.0760 0x10a8 DeviceAssociationService - ok
18:03:23.0760 0x10a8 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
18:03:23.0791 0x10a8 DeviceInstall - ok
18:03:23.0791 0x10a8 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
18:03:23.0807 0x10a8 DevQueryBroker - ok
18:03:23.0822 0x10a8 [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
18:03:23.0838 0x10a8 Dfsc - ok
18:03:23.0854 0x10a8 [ 58425D987F155F44C0BD4D0DB230327E, 9F4F5711325118D4C165F7BAC96D8248A387E14363662F735E7B9331FC222C30 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
18:03:23.0870 0x10a8 dg_ssudbus - ok
18:03:23.0886 0x10a8 [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
18:03:23.0933 0x10a8 Dhcp - ok
18:03:23.0933 0x10a8 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
18:03:23.0964 0x10a8 diagnosticshub.standardcollector.service - ok
18:03:24.0022 0x10a8 [ 7AE76C7BC60B53999AD07F6A8AFF15C0, 8DC5DA1FAE508D03433C051C877657038BA346707D37FDBC2FE74B4C1F3509A0 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
18:03:24.0087 0x10a8 DiagTrack - ok
18:03:24.0099 0x10a8 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\WINDOWS\system32\drivers\disk.sys
18:03:24.0114 0x10a8 disk - ok
18:03:24.0221 0x10a8 [ 91A68D0C43E8B641336DEFEC0ECDEAD9, 5594E1E3B41326C7CE64EE76F14E34C2C4435CAAB4881258D8098C391ED852B7 ] DiskBoss Service d:\Program Files (x86)\DiskBoss\bin\diskbsa.exe
18:03:24.0236 0x10a8 DiskBoss Service - detected UnsignedFile.Multi.Generic ( 1 )
18:03:24.0820 0x0c28 Object required for P2P: [ 4764D299855174D6B5C7DA853B490029 ] avipbb
18:03:26.0271 0x1340 Object send P2P result: true
18:03:26.0271 0x1340 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
18:03:26.0633 0x10a8 Detect skipped due to KSN trusted
18:03:26.0633 0x10a8 DiskBoss Service - ok
18:03:26.0649 0x10a8 [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
18:03:26.0680 0x10a8 DmEnrollmentSvc - ok
18:03:26.0696 0x10a8 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
18:03:26.0711 0x10a8 dmvsc - ok
18:03:26.0727 0x10a8 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
18:03:26.0744 0x10a8 dmwappushservice - ok
18:03:26.0759 0x10a8 [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:03:26.0775 0x10a8 Dnscache - ok
18:03:26.0791 0x10a8 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
18:03:26.0822 0x10a8 dot3svc - ok
18:03:26.0838 0x10a8 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll
18:03:26.0854 0x10a8 DPS - ok
18:03:26.0870 0x10a8 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys
18:03:26.0870 0x10a8 drmkaud - ok
18:03:26.0885 0x10a8 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
18:03:26.0916 0x10a8 DsmSvc - ok
18:03:26.0916 0x10a8 [ 120BECF7452992DAEBD3878BFE5B2412, A1FE8FC039835A5B59ABD789F5C1BFEA2C091A29978CE386C9880E13178930E5 ] DsSvc C:\WINDOWS\System32\DsSvc.dll
18:03:26.0949 0x10a8 DsSvc - ok
18:03:26.0996 0x10a8 [ A2512BC5F2ABD84D8B3CB0D76ADB749A, 14A1FBF606ED537B9E1B7A939C010A2BA9D609D147FB89AE52D116E59A21D99E ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:03:27.0075 0x10a8 DXGKrnl - ok
18:03:27.0090 0x10a8 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
18:03:27.0106 0x10a8 Eaphost - ok
18:03:27.0201 0x10a8 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
18:03:27.0311 0x0c28 Object send P2P result: true
18:03:27.0311 0x0c28 Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost
18:03:27.0311 0x10a8 ebdrv - ok
18:03:27.0327 0x10a8 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe
18:03:27.0342 0x10a8 EFS - ok
18:03:27.0358 0x10a8 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
18:03:27.0374 0x10a8 EhStorClass - ok
18:03:27.0374 0x10a8 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:03:27.0390 0x10a8 EhStorTcgDrv - ok
18:03:27.0408 0x10a8 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
18:03:27.0421 0x10a8 embeddedmode - ok
18:03:27.0437 0x10a8 [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
18:03:27.0468 0x10a8 EntAppSvc - ok
18:03:27.0484 0x10a8 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
18:03:27.0501 0x10a8 ErrDev - ok
18:03:27.0516 0x10a8 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll
18:03:27.0547 0x10a8 EventSystem - ok
18:03:27.0563 0x10a8 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
18:03:27.0602 0x10a8 exfat - ok
18:03:27.0605 0x10a8 [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
18:03:27.0636 0x10a8 fastfat - ok
18:03:27.0652 0x10a8 [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax C:\WINDOWS\system32\fxssvc.exe
18:03:27.0699 0x10a8 Fax - ok
18:03:27.0699 0x10a8 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
18:03:27.0715 0x10a8 fdc - ok
18:03:27.0731 0x10a8 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
18:03:27.0746 0x10a8 fdPHost - ok
18:03:27.0762 0x10a8 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\WINDOWS\system32\fdrespub.dll
18:03:27.0778 0x10a8 FDResPub - ok
18:03:27.0793 0x10a8 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\WINDOWS\system32\fhsvc.dll
18:03:27.0809 0x10a8 fhsvc - ok
18:03:27.0826 0x10a8 [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
18:03:27.0841 0x10a8 FileCrypt - ok
18:03:27.0841 0x10a8 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
18:03:27.0857 0x10a8 FileInfo - ok
18:03:27.0872 0x10a8 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
18:03:27.0888 0x10a8 Filetrace - ok
18:03:27.0904 0x10a8 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
18:03:27.0919 0x10a8 flpydisk - ok
18:03:27.0936 0x10a8 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:03:27.0952 0x10a8 FltMgr - ok
18:03:27.0998 0x10a8 [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache C:\WINDOWS\system32\FntCache.dll
18:03:28.0078 0x10a8 FontCache - ok
18:03:28.0093 0x10a8 [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:03:28.0109 0x10a8 FontCache3.0.0.0 - ok
18:03:28.0124 0x10a8 [ 52B58A46BEEFB238C580B69FD051CB5B, 6C3B92F953DD55619BD6F0876850A441CAF7774EB873196F567F6A1C0D8CF182 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
18:03:28.0157 0x10a8 ForceWare Intelligent Application Manager (IAM) - ok
18:03:28.0172 0x10a8 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
18:03:28.0188 0x10a8 FsDepends - ok
18:03:28.0188 0x10a8 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:03:28.0204 0x10a8 Fs_Rec - ok
18:03:28.0204 0x10a8 [ 0B0E36E669B47E256BE7BDB66D76CCCF, EE52E6EB6F4E41429687124246CF988CAFC4D7FF26EDAD5EAB762239E6DF8FBB ] FTDIBUS C:\WINDOWS\system32\drivers\ftdibus.sys
18:03:28.0219 0x10a8 FTDIBUS - ok
18:03:28.0235 0x10a8 [ 9339740FBF4AAD6F06A6C3ECFE3B9C89, D2DDD4075B53908642C9352D0494B2EA12839A79F78A18DCB2BF07AEF9448A46 ] ftpsvc C:\WINDOWS\system32\inetsrv\ftpsvc.dll
18:03:28.0267 0x10a8 ftpsvc - ok
18:03:28.0283 0x10a8 [ F1544BBC7E08BB5B9E9E97996C3FA04B, 2D998E4DCF7EA918B537119583BE678121148DB314BDC338925D8588A30F4BE0 ] FTSER2K C:\WINDOWS\system32\drivers\ftser2k.sys
18:03:28.0298 0x10a8 FTSER2K - ok
18:03:28.0314 0x10a8 [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:03:28.0361 0x10a8 fvevol - ok
18:03:28.0361 0x10a8 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
18:03:28.0377 0x10a8 gagp30kx - ok
18:03:28.0377 0x10a8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:03:28.0393 0x10a8 GEARAspiWDM - ok
18:03:28.0393 0x10a8 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
18:03:28.0409 0x10a8 gencounter - ok
18:03:28.0424 0x10a8 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
18:03:28.0440 0x10a8 genericusbfn - ok
18:03:28.0440 0x10a8 [ A1F556318931B9EA276F4E2DA2C1791C, 1E5564A9B213689C56BFBBEC1A7BBFAD78DF1FB55422171C0680935338C5DE57 ] ggflt C:\WINDOWS\System32\drivers\ggflt.sys
18:03:28.0456 0x10a8 ggflt - ok
18:03:28.0456 0x10a8 [ 7F56A3E09A6AD40B07E4EFAD34A40A18, E0EC4293035162E9EFA89A45FFF26B5BC829F7BB7F4D2D5A2CAA5E88AC6DC0C9 ] ggsomc C:\WINDOWS\System32\drivers\ggsomc.sys
18:03:28.0471 0x10a8 ggsomc - ok
18:03:28.0487 0x10a8 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:03:28.0503 0x10a8 GPIOClx0101 - ok
18:03:28.0535 0x10a8 [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
18:03:28.0614 0x10a8 gpsvc - ok
18:03:28.0614 0x10a8 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
18:03:28.0645 0x10a8 GpuEnergyDrv - ok
18:03:28.0645 0x10a8 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:03:28.0661 0x10a8 gupdate - ok
18:03:28.0661 0x10a8 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:03:28.0676 0x10a8 gupdatem - ok
18:03:28.0692 0x10a8 [ 0F93EBE9071A6BB1548BF0F816EEA24B, 79A99544C00F59996980D299BFACA0463D86158BFA51C8045CE4FF4951779A44 ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys
18:03:28.0724 0x10a8 HdAudAddService - ok
18:03:28.0724 0x10a8 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
18:03:28.0755 0x10a8 HDAudBus - ok
18:03:28.0755 0x10a8 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
18:03:28.0771 0x10a8 HidBatt - ok
18:03:28.0787 0x10a8 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
18:03:28.0802 0x10a8 HidBth - ok
18:03:28.0802 0x10a8 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
18:03:28.0819 0x1340 Object send P2P result: true
18:03:28.0819 0x1340 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
18:03:28.0819 0x10a8 hidi2c - ok
18:03:28.0835 0x10a8 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
18:03:28.0850 0x10a8 hidinterrupt - ok
18:03:28.0850 0x10a8 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
18:03:28.0866 0x10a8 HidIr - ok
18:03:28.0881 0x10a8 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll
18:03:28.0897 0x10a8 hidserv - ok
18:03:28.0913 0x10a8 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
18:03:28.0929 0x10a8 HidUsb - ok
18:03:28.0945 0x10a8 [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
18:03:28.0976 0x10a8 HomeGroupListener - ok
18:03:28.0992 0x10a8 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
18:03:29.0023 0x10a8 HomeGroupProvider - ok
18:03:29.0023 0x10a8 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
18:03:29.0040 0x10a8 HpSAMD - ok
18:03:29.0102 0x10a8 [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
18:03:29.0102 0x10a8 HTCMonitorService - ok
18:03:29.0150 0x10a8 [ A403DAE4B083EB96BC6CEDB47639B4F8, 6F5709CEA93789C075E4BE4041EC43C94910617DA4123DEE178E74E4A9B26708 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
18:03:29.0181 0x10a8 HTTP - ok
18:03:29.0197 0x10a8 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
18:03:29.0213 0x10a8 hwpolicy - ok
18:03:29.0213 0x10a8 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
18:03:29.0228 0x10a8 hyperkbd - ok
18:03:29.0244 0x10a8 [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
18:03:29.0260 0x10a8 i8042prt - ok
18:03:29.0276 0x10a8 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
18:03:29.0292 0x10a8 iai2c - ok
18:03:29.0292 0x10a8 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
18:03:29.0323 0x10a8 iaLPSS2i_I2C - ok
18:03:29.0323 0x10a8 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:03:29.0339 0x10a8 iaLPSSi_GPIO - ok
18:03:29.0354 0x10a8 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:03:29.0371 0x10a8 iaLPSSi_I2C - ok
18:03:29.0386 0x10a8 [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
18:03:29.0418 0x10a8 iaStorAV - ok
18:03:29.0449 0x10a8 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
18:03:29.0465 0x10a8 iaStorV - ok
18:03:29.0481 0x10a8 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
18:03:29.0512 0x10a8 ibbus - ok
18:03:29.0528 0x10a8 [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc C:\WINDOWS\System32\tetheringservice.dll
18:03:29.0544 0x10a8 icssvc - ok
18:03:29.0559 0x10a8 [ D1C82248C23BD4D511248903AAB9C3DF, FC0B1FA2EBA8CA063AD2995F0AB92B69E0D90C0801733C685D7D7B1406EF4ECB ] IdcFltr C:\WINDOWS\System32\drivers\idcfltr.sys
18:03:29.0559 0x10a8 IdcFltr - ok
18:03:29.0575 0x10a8 IEEtwCollectorService - ok
18:03:29.0607 0x10a8 [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
18:03:29.0654 0x10a8 IKEEXT - ok
18:03:29.0670 0x10a8 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\WINDOWS\system32\drivers\intelide.sys
18:03:29.0685 0x10a8 intelide - ok
18:03:29.0685 0x10a8 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
18:03:29.0702 0x10a8 intelpep - ok
18:03:29.0718 0x10a8 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
18:03:29.0733 0x10a8 intelppm - ok
18:03:29.0749 0x10a8 [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys
18:03:29.0764 0x10a8 IoQos - ok
18:03:29.0764 0x10a8 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:03:29.0780 0x10a8 IpFilterDriver - ok
18:03:29.0812 0x10a8 [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
18:03:29.0844 0x0c28 Object send P2P result: true
18:03:29.0844 0x0c28 Object required for P2P: [ E477AF94ACCCF99A0E56D71D450DCCCB ] avnetflt
18:03:29.0875 0x10a8 iphlpsvc - ok
18:03:29.0875 0x10a8 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:03:29.0890 0x10a8 IPMIDRV - ok
18:03:29.0906 0x10a8 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
18:03:29.0923 0x10a8 IPNAT - ok
18:03:29.0954 0x10a8 [ BD713ED20CFD71C32C4BE1928423AE9A, E0EE95FEA3930EA335D9B1FF74EEFAA61ECEC89AEBB1D0E43A1E1088F9990273 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:03:29.0970 0x10a8 iPod Service - ok
18:03:29.0985 0x10a8 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
18:03:30.0001 0x10a8 IRENUM - ok
18:03:30.0016 0x10a8 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
18:03:30.0016 0x10a8 isapnp - ok
18:03:30.0033 0x10a8 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
18:03:30.0049 0x10a8 iScsiPrt - ok
18:03:30.0064 0x10a8 [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
18:03:30.0080 0x10a8 kbdclass - ok
18:03:30.0080 0x10a8 [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
18:03:30.0096 0x10a8 kbdhid - ok
18:03:30.0111 0x10a8 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
18:03:30.0127 0x10a8 kdnic - ok
18:03:30.0127 0x10a8 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe
18:03:30.0143 0x10a8 KeyIso - ok
18:03:30.0159 0x10a8 [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
18:03:30.0175 0x10a8 KSecDD - ok
18:03:30.0175 0x10a8 [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:03:30.0206 0x10a8 KSecPkg - ok
18:03:30.0206 0x10a8 [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
18:03:30.0222 0x10a8 ksthunk - ok
18:03:30.0237 0x10a8 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
18:03:30.0269 0x10a8 KtmRm - ok
18:03:30.0285 0x10a8 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
18:03:30.0316 0x10a8 LanmanServer - ok
18:03:30.0332 0x10a8 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:03:30.0363 0x10a8 LanmanWorkstation - ok
18:03:30.0380 0x10a8 [ EF1075935CEF62BD9D499A9BB0752EFC, F2419F2A6E58C235AF8FDF548545203C8E2AE323EFDEEE4667E6F4D83BC4DCB2 ] LavasoftAdAwareService11 C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe
18:03:30.0411 0x10a8 LavasoftAdAwareService11 - ok
18:03:30.0427 0x10a8 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
18:03:30.0442 0x10a8 lfsvc - ok
18:03:30.0442 0x10a8 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
18:03:30.0458 0x10a8 LicenseManager - ok
18:03:30.0475 0x10a8 [ 93B73DED2BC688F140C6AE2FBAD45789, B6859BC5D309B99BCCDC3717108B714497AAE9C5B26CE5B201344A41FC4CFF9D ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
18:03:30.0490 0x10a8 Live Updater Service - ok
18:03:30.0506 0x10a8 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
18:03:30.0521 0x10a8 lltdio - ok
18:03:30.0537 0x10a8 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
18:03:30.0568 0x10a8 lltdsvc - ok
18:03:30.0568 0x10a8 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
18:03:30.0601 0x10a8 lmhosts - ok
18:03:30.0601 0x10a8 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
18:03:30.0616 0x10a8 LSI_SAS - ok
18:03:30.0632 0x10a8 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
18:03:30.0647 0x10a8 LSI_SAS2i - ok
18:03:30.0663 0x10a8 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
18:03:30.0679 0x10a8 LSI_SAS3i - ok
18:03:30.0679 0x10a8 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
18:03:30.0703 0x10a8 LSI_SSS - ok
18:03:30.0728 0x10a8 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll
18:03:30.0785 0x10a8 LSM - ok
18:03:30.0797 0x10a8 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys
18:03:30.0834 0x10a8 luafv - ok
18:03:30.0842 0x10a8 [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker C:\WINDOWS\System32\moshost.dll
18:03:30.0865 0x10a8 MapsBroker - ok
18:03:30.0873 0x10a8 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
18:03:30.0889 0x10a8 megasas - ok
18:03:30.0910 0x10a8 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\WINDOWS\system32\drivers\megasr.sys
18:03:30.0941 0x10a8 megasr - ok
18:03:30.0950 0x10a8 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
18:03:30.0974 0x10a8 MessagingService - ok
18:03:31.0035 0x10a8 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
18:03:31.0075 0x10a8 mlx4_bus - ok
18:03:31.0084 0x10a8 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
18:03:31.0107 0x10a8 MMCSS - ok
18:03:31.0114 0x10a8 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\WINDOWS\system32\drivers\modem.sys
18:03:31.0140 0x10a8 Modem - ok
18:03:31.0148 0x10a8 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
18:03:31.0166 0x10a8 monitor - ok
18:03:31.0173 0x10a8 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
18:03:31.0188 0x10a8 mouclass - ok
18:03:31.0196 0x10a8 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
18:03:31.0215 0x10a8 mouhid - ok
18:03:31.0223 0x10a8 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
18:03:31.0240 0x10a8 mountmgr - ok
18:03:31.0248 0x10a8 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
18:03:31.0267 0x10a8 mpsdrv - ok
18:03:31.0299 0x10a8 [ 3B3906F069DB567C3D092F195FEA5F87, 1EAD704AD8E81D083FE3D458B529F8ECBE99569EFD20F7B520339F054E2F6515 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
18:03:31.0304 0x1340 Object send P2P result: true
18:03:31.0304 0x1340 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
18:03:31.0352 0x10a8 MpsSvc - ok
18:03:31.0364 0x10a8 [ 37C9EC0398BFC22C616711E41AE157D5, C8DD6B6B47513696CD4BD376C5D9F82C0F52F5A351FFAFE149E3B13C4684D40E ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
18:03:31.0390 0x10a8 MRxDAV - ok
18:03:31.0406 0x10a8 [ 61F9F27A8C3D7BCD287FE98A440421CE, 773208951BD0B8C0B9510F4C317484D5FCF36D09310D4E20F2BDB85D61088BA5 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:03:31.0433 0x10a8 mrxsmb - ok
18:03:31.0452 0x10a8 [ CCAD845F4D21D0E0E0468205EE865473, 8F93B61F407BCE5910A7A9F01F8A51FDB7A3C4F03E59C144C1D4FD974D10C2D4 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
18:03:31.0470 0x10a8 mrxsmb10 - ok
18:03:31.0486 0x10a8 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:03:31.0501 0x10a8 mrxsmb20 - ok
18:03:31.0517 0x10a8 [ A934DF064C503A31683DD7EECDBD327A, 3ED943A2CFE9BB00898A4FCE08D3A5C814FE6E546FC10E9F30E6C2619B1AD162 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
18:03:31.0533 0x10a8 MsBridge - ok
18:03:31.0549 0x10a8 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
18:03:31.0565 0x10a8 MSDTC - ok
18:03:31.0580 0x10a8 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:03:31.0596 0x10a8 Msfs - ok
18:03:31.0612 0x10a8 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:03:31.0627 0x10a8 msgpiowin32 - ok
18:03:31.0628 0x10a8 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:03:31.0644 0x10a8 mshidkmdf - ok
18:03:31.0644 0x10a8 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
18:03:31.0659 0x10a8 mshidumdf - ok
18:03:31.0675 0x10a8 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
18:03:31.0675 0x10a8 msisadrv - ok
18:03:31.0691 0x10a8 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
18:03:31.0722 0x10a8 MSiSCSI - ok
18:03:31.0722 0x10a8 msiserver - ok
18:03:31.0722 0x10a8 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
18:03:31.0739 0x10a8 MSKSSRV - ok
18:03:31.0754 0x10a8 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
18:03:31.0785 0x10a8 MsLldp - ok
18:03:31.0785 0x10a8 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
18:03:31.0801 0x10a8 MSPCLOCK - ok
18:03:31.0801 0x10a8 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
18:03:31.0817 0x10a8 MSPQM - ok
18:03:31.0832 0x10a8 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
18:03:31.0865 0x10a8 MsRPC - ok
18:03:31.0880 0x10a8 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
18:03:31.0880 0x10a8 mssmbios - ok
18:03:31.0896 0x10a8 [ 8E8E74C953EB0C4F8828D99D6F27FD6F, 94AFB1B09A6E92302D29B3C563B1744CECC5F5487418962BE537B7C57717CA42 ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
18:03:31.0911 0x10a8 MSSQLServerADHelper100 - ok
18:03:31.0911 0x10a8 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
18:03:31.0927 0x10a8 MSTEE - ok
18:03:31.0927 0x10a8 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
18:03:31.0943 0x10a8 MTConfig - ok
18:03:31.0959 0x10a8 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
18:03:31.0975 0x10a8 Mup - ok
18:03:31.0975 0x10a8 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
18:03:31.0991 0x10a8 mvumis - ok
|
|
06.01.2016, 18:16
| #4 |
| | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite teil2: Code:
ATTFilter 18:03:32.0022 0x10a8 [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:03:32.0053 0x10a8 NativeWifiP - ok
18:03:32.0070 0x10a8 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
18:03:32.0101 0x10a8 NcaSvc - ok
18:03:32.0117 0x10a8 [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService C:\WINDOWS\System32\ncbservice.dll
18:03:32.0148 0x10a8 NcbService - ok
18:03:32.0148 0x10a8 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
18:03:32.0196 0x10a8 NcdAutoSetup - ok
18:03:32.0196 0x10a8 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
18:03:32.0211 0x10a8 ndfltr - ok
18:03:32.0243 0x10a8 [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
18:03:32.0306 0x10a8 NDIS - ok
18:03:32.0322 0x10a8 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
18:03:32.0337 0x10a8 NdisCap - ok
18:03:32.0337 0x0c28 Object send P2P result: true
18:03:32.0337 0x10a8 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
18:03:32.0369 0x10a8 NdisImPlatform - ok
18:03:32.0369 0x10a8 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:03:32.0384 0x10a8 NdisTapi - ok
18:03:32.0401 0x10a8 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
18:03:32.0416 0x10a8 Ndisuio - ok
18:03:32.0416 0x10a8 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
18:03:32.0448 0x10a8 NdisVirtualBus - ok
18:03:32.0448 0x10a8 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
18:03:32.0479 0x10a8 NdisWan - ok
18:03:32.0495 0x10a8 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:03:32.0511 0x10a8 ndiswanlegacy - ok
18:03:32.0511 0x10a8 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
18:03:32.0542 0x10a8 ndproxy - ok
18:03:32.0542 0x10a8 [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
18:03:32.0574 0x10a8 Ndu - ok
18:03:32.0574 0x10a8 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
18:03:32.0589 0x10a8 NetBIOS - ok
18:03:32.0605 0x10a8 [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:03:32.0641 0x10a8 NetBT - ok
18:03:32.0648 0x10a8 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:03:32.0655 0x10a8 Netlogon - ok
18:03:32.0670 0x10a8 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll
18:03:32.0702 0x10a8 Netman - ok
18:03:32.0717 0x10a8 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
18:03:32.0765 0x10a8 netprofm - ok
18:03:32.0813 0x10a8 [ A69AB65E89C5A0348B995C5E78F6380C, 5A59E058D5ED8AA4EA9FCB4EC8ADD5E28DC265CA3C35F6BA567EB3F6AE69F7F0 ] netr28ux C:\WINDOWS\System32\drivers\netr28ux.sys
18:03:32.0923 0x10a8 netr28ux - ok
18:03:32.0939 0x10a8 [ 01C759FD50DFD46E30CC56B2B672B1A7, 88F46C89DCE1869D9932E809A24718B50C3B0161A1DD63DED899C0AFA8C7CFF5 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
18:03:32.0956 0x10a8 NetSetupSvc - ok
18:03:32.0971 0x10a8 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:03:32.0987 0x10a8 NetTcpPortSharing - ok
18:03:33.0003 0x10a8 [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
18:03:33.0034 0x10a8 NgcCtnrSvc - ok
18:03:33.0066 0x10a8 [ 4547118EADA9FDBB054A211CD01866BB, 51656BDAD78B4CC452B2AE06061247BECD07307BB31B9D6AA615917EC97342E0 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
18:03:33.0097 0x10a8 NgcSvc - ok
18:03:33.0113 0x10a8 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
18:03:33.0144 0x10a8 NlaSvc - ok
18:03:33.0176 0x10a8 [ D0F743BD1F8E402E4A52D83574828AC2, F420A51DC52D82289313C36B76A76DB2DE3FC89132B78D76ACF4303AF47CB6BA ] NoIPDUCService4 D:\Program Files (x86)\No-IP\ducservice.exe
18:03:33.0176 0x10a8 NoIPDUCService4 - detected UnsignedFile.Multi.Generic ( 1 )
18:03:33.0949 0x1340 Object send P2P result: true
18:03:33.0949 0x1340 Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
18:03:35.0594 0x10a8 Detect skipped due to KSN trusted
18:03:35.0594 0x10a8 NoIPDUCService4 - ok
18:03:35.0610 0x10a8 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:03:35.0626 0x10a8 Npfs - ok
18:03:35.0626 0x10a8 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
18:03:35.0641 0x10a8 npsvctrig - ok
18:03:35.0657 0x10a8 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll
18:03:35.0673 0x10a8 nsi - ok
18:03:35.0673 0x10a8 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
18:03:35.0688 0x10a8 nsiproxy - ok
18:03:35.0705 0x10a8 [ 20E179A7FE78B37A02D30C4D34C870E7, 3E720CD52749E2F86897A89A2B7D3DE4C14255638111DB644C8F2C15174A6A2A ] nSvcIp C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
18:03:35.0720 0x10a8 nSvcIp - ok
18:03:35.0783 0x10a8 [ EFEFC245B884B1BE0401931398DCD707, 43A7BDB9BF523791EC41E76F51E7DC56EFC55CCDA0D130ECFCD9990C43D67587 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
18:03:35.0862 0x10a8 NTFS - ok
18:03:35.0878 0x10a8 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\WINDOWS\system32\drivers\Null.sys
18:03:35.0893 0x10a8 Null - ok
18:03:36.0209 0x10a8 [ CFD65B9A3842A8F7590E04F5563B7E48, C3FAF1D5B7CC390D04A671D4E7F3112B5E8F75B6F7F5A937D891F7A28B16F6BD ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
18:03:36.0556 0x10a8 nvlddmkm - ok
18:03:36.0588 0x1340 Object send P2P result: true
18:03:36.0603 0x10a8 [ 37B0088B8E7F2A8AD0AE2281A70E0D13, 50256EEADBBC5CCCF3EBAEB9020D91EDB9961E7404BD41067A4290362BE6962F ] NVNET C:\WINDOWS\System32\drivers\nvmf6264.sys
18:03:36.0635 0x10a8 NVNET - ok
18:03:36.0666 0x10a8 [ 903A40C958D471F9D30D29FA6D2800A4, 4641F8E8B20EE9AF8AB61E61AD74D41A4E9F51C906EC5F3BDC484FFAFB540E69 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:03:36.0729 0x10a8 NvNetworkService - ok
18:03:36.0729 0x10a8 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
18:03:36.0745 0x10a8 nvraid - ok
18:03:36.0761 0x10a8 [ E58D81FB8616D0CB55C1E36AA0B213C9, D83F78615889A466ADE2BFEF7AB357C0D31B7FA9A1A52668DED32A51FEFA87B5 ] nvsmu C:\WINDOWS\system32\DRIVERS\nvsmu.sys
18:03:36.0761 0x10a8 nvsmu - ok
18:03:36.0776 0x10a8 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
18:03:36.0792 0x10a8 nvstor - ok
18:03:36.0809 0x10a8 [ 1E45F96342429D63DC30E0D9117DA3D8, 3D6DB9514594377CACFD766F0153B8DCF51DDF4172864DAF589CB1EE480D2027 ] nvstor64 C:\WINDOWS\system32\drivers\nvstor64.sys
18:03:36.0824 0x10a8 nvstor64 - ok
18:03:37.0186 0x10a8 [ 68DE8D996D8FF628AB6B3D422035F862, 239CE5BE15F39966AE5243971FE75BDFB35359F92C8294C61155C863F4B3C40E ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
18:03:37.0611 0x10a8 NvStreamSvc - ok
18:03:37.0675 0x10a8 [ F3A837A403C0E92A7475913659DECF94, D76875A11889474203A5CBACE5912562C4361C1A7A9AEB3DD06AF1E4523F4D98 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
18:03:37.0706 0x10a8 nvsvc - ok
18:03:37.0722 0x10a8 [ 09216A70CC364D0974F606F6F2109210, 60877154D4DF5287D1989CDAA9863CD6DACA528D06233238498854A10C868C20 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
18:03:37.0722 0x10a8 nvvad_WaveExtensible - ok
18:03:37.0737 0x10a8 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
18:03:37.0753 0x10a8 nv_agp - ok
18:03:37.0769 0x10a8 [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
18:03:37.0801 0x10a8 OneSyncSvc - ok
18:03:37.0848 0x10a8 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:03:37.0863 0x10a8 ose - ok
18:03:37.0879 0x10a8 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
18:03:37.0911 0x10a8 p2pimsvc - ok
18:03:37.0927 0x10a8 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\WINDOWS\system32\p2psvc.dll
18:03:37.0958 0x10a8 p2psvc - ok
18:03:37.0958 0x10a8 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport C:\WINDOWS\System32\drivers\parport.sys
18:03:37.0989 0x10a8 Parport - ok
18:03:37.0989 0x10a8 [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
18:03:38.0006 0x10a8 partmgr - ok
18:03:38.0022 0x10a8 [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
18:03:38.0037 0x10a8 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
18:03:40.0507 0x10a8 Detect skipped due to KSN trusted
18:03:40.0507 0x10a8 PassThru Service - ok
18:03:40.0555 0x10a8 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
18:03:40.0586 0x10a8 PcaSvc - ok
18:03:40.0602 0x10a8 [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci C:\WINDOWS\system32\drivers\pci.sys
18:03:40.0633 0x10a8 pci - ok
18:03:40.0633 0x10a8 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
18:03:40.0649 0x10a8 pciide - ok
18:03:40.0665 0x10a8 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
18:03:40.0681 0x10a8 pcmcia - ok
18:03:40.0681 0x10a8 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
18:03:40.0697 0x10a8 pcw - ok
18:03:40.0697 0x10a8 [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc C:\WINDOWS\system32\drivers\pdc.sys
18:03:40.0712 0x10a8 pdc - ok
18:03:40.0743 0x10a8 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
18:03:40.0791 0x10a8 PEAUTH - ok
18:03:40.0838 0x10a8 [ C7D210982B6C8454E52191D0DCF6DC52, D53D575CD9A0AB7EA94E7D1B9730ABE0A582CA3460AEAC4680D01034D69D3949 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
18:03:40.0933 0x10a8 PeerDistSvc - ok
18:03:40.0949 0x10a8 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
18:03:40.0964 0x10a8 percsas2i - ok
18:03:40.0964 0x10a8 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
18:03:40.0980 0x10a8 percsas3i - ok
18:03:41.0012 0x10a8 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
18:03:41.0028 0x10a8 PerfHost - ok
18:03:41.0090 0x10a8 [ 47C25D46C70D468A5F617FACC3C6BCAF, 0ED93F659F61C6568F428C72D08DB4348742B9051AF4ED1DCAB8826625B4AE54 ] PhatHack Serial Driver D:\Program Files (x86)\PhatHack\PhatHack Media Manager\Beta\PhatHack Serial Driver.exe
18:03:41.0090 0x10a8 PhatHack Serial Driver - detected UnsignedFile.Multi.Generic ( 1 )
18:03:42.0935 0x2010 Object required for P2P: [ A403DAE4B083EB96BC6CEDB47639B4F8 ] HTTP
18:03:43.0724 0x10a8 PhatHack Serial Driver ( UnsignedFile.Multi.Generic ) - warning
18:03:45.0443 0x2010 Object send P2P result: true
18:03:45.0443 0x2010 Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
18:03:46.0262 0x10a8 [ 8C5737B889752EC37B49D730C24FB80B, 0101AEBE3870B59BE69DBF20FDD307BEDB10A6DB21750E57B9BD3B1961386979 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
18:03:46.0310 0x10a8 PhoneSvc - ok
18:03:46.0326 0x10a8 [ 940BD7A32391F325A1A4285F91FAF7AC, A0FE4B8705B268E1978D9C66EB39B3DBBCB2A70F02F380C7062FE72E92DDF964 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
18:03:46.0357 0x10a8 PimIndexMaintenanceSvc - ok
18:03:46.0436 0x10a8 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\WINDOWS\system32\pla.dll
18:03:46.0515 0x10a8 pla - ok
18:03:46.0531 0x10a8 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
18:03:46.0562 0x10a8 PlugPlay - ok
18:03:46.0562 0x10a8 [ A010F13D27C1033A8BE09D5FA9BF348B, 5536A233554C469F270046ADEE12A158F70E2D8BE776BAD0925235B015567D46 ] pneteth C:\WINDOWS\System32\drivers\pneteth.sys
18:03:46.0578 0x10a8 pneteth - ok
18:03:46.0594 0x10a8 [ 06841F5CD8410B6BDC0B5A631B8F8787, 95CA940AAE0C713C7161899D7DD7109FC985B60A1B3817C4243ED9870DA5FDE0 ] pnetmdm C:\WINDOWS\system32\DRIVERS\pnetmdm64.sys
18:03:46.0609 0x10a8 pnetmdm - ok
18:03:46.0609 0x10a8 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
18:03:46.0626 0x10a8 PNRPAutoReg - ok
18:03:46.0641 0x10a8 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
18:03:46.0673 0x10a8 PNRPsvc - ok
18:03:46.0688 0x10a8 [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
18:03:46.0720 0x10a8 PolicyAgent - ok
18:03:46.0736 0x10a8 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll
18:03:46.0767 0x10a8 Power - ok
18:03:46.0767 0x10a8 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
18:03:46.0799 0x10a8 PptpMiniport - ok
18:03:46.0878 0x10a8 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:03:47.0035 0x10a8 PrintNotify - ok
18:03:47.0051 0x10a8 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys
18:03:47.0067 0x10a8 Processor - ok
18:03:47.0083 0x10a8 [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc C:\WINDOWS\system32\profsvc.dll
18:03:47.0114 0x10a8 ProfSvc - ok
18:03:47.0114 0x10a8 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys
18:03:47.0130 0x10a8 Psched - ok
18:03:47.0145 0x10a8 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll
18:03:47.0178 0x10a8 QWAVE - ok
18:03:47.0193 0x10a8 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
18:03:47.0209 0x10a8 QWAVEdrv - ok
18:03:47.0209 0x10a8 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:03:47.0240 0x10a8 RasAcd - ok
18:03:47.0240 0x10a8 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
18:03:47.0256 0x10a8 RasAgileVpn - ok
18:03:47.0271 0x10a8 [ 2976970887157CBB05747CBCD0793354, 43499D90B6340BD679CA51FDAB4ABCD0CF7E995367876716B7879422D206D677 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:03:47.0304 0x10a8 RasAuto - ok
18:03:47.0304 0x10a8 [ 381B8F2311A0375676B635EA5E7C8AB0, F64697F75894844E72F260E9E88CCFE6B882BC89F6124DCA187771A29C3EF929 ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
18:03:47.0335 0x10a8 Rasl2tp - ok
18:03:47.0351 0x10a8 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:03:47.0398 0x10a8 RasMan - ok
18:03:47.0414 0x10a8 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:03:47.0430 0x10a8 RasPppoe - ok
18:03:47.0445 0x10a8 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
18:03:47.0461 0x10a8 RasSstp - ok
18:03:47.0477 0x10a8 [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:03:47.0509 0x10a8 rdbss - ok
18:03:47.0509 0x10a8 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
18:03:47.0524 0x10a8 rdpbus - ok
18:03:47.0540 0x10a8 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
18:03:47.0556 0x10a8 RDPDR - ok
18:03:47.0571 0x10a8 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:03:47.0587 0x10a8 RdpVideoMiniport - ok
18:03:47.0603 0x10a8 [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
18:03:47.0619 0x10a8 rdyboost - ok
18:03:47.0650 0x10a8 [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
18:03:47.0697 0x10a8 ReFSv1 - ok
18:03:47.0729 0x10a8 [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:03:47.0761 0x10a8 RemoteAccess - ok
18:03:47.0776 0x10a8 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:03:47.0792 0x10a8 RemoteRegistry - ok
18:03:47.0823 0x10a8 [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
18:03:47.0902 0x10a8 RetailDemo - ok
18:03:47.0902 0x10a8 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
18:03:47.0918 0x10a8 RpcEptMapper - ok
18:03:47.0934 0x10a8 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\WINDOWS\system32\locator.exe
18:03:47.0950 0x10a8 RpcLocator - ok
18:03:47.0950 0x2010 Object send P2P result: true
18:03:47.0950 0x2010 Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
18:03:47.0982 0x10a8 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:03:48.0028 0x10a8 RpcSs - ok
18:03:48.0028 0x10a8 [ 6195EC84C82E7844B5B17803ADDB1CA3, 175DF60973C50B1F1FA84B7DBB694D2B18CD41DA8A29479E388ED76D2C9AAE19 ] RrNetCapFilterDriver C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys
18:03:48.0044 0x10a8 RrNetCapFilterDriver - ok
18:03:48.0060 0x10a8 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
18:03:48.0076 0x10a8 rspndr - ok
18:03:48.0092 0x10a8 [ 14190644E437A95B244BFC9B37ACDB61, 793142BF5BD234F6ADA35899CA0E3ED613BE7FD09D035E5851B8C893C20F98FB ] RTL8192su C:\WINDOWS\System32\drivers\RTL8192su.sys
18:03:48.0139 0x10a8 RTL8192su - ok
18:03:48.0139 0x10a8 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
18:03:48.0154 0x10a8 s3cap - ok
18:03:48.0171 0x10a8 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe
18:03:48.0187 0x10a8 SamSs - ok
18:03:48.0265 0x10a8 [ 5EFBBFCC6ADAC121C8E2FE76641ED329, 0EAB16C7F54B61620277977F8C332737081A46BC6BBDE50742B6904BDD54F502 ] SANDRA d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\WNt600x64\Sandra.sys
18:03:48.0265 0x10a8 SANDRA - ok
18:03:48.0281 0x10a8 [ 359CAF41D555FB06A1FB2F162A802D5E, 75D5028703ECCD19C441F4651BFBDE41B1DAB4D548A94354DF56874D078560D0 ] SandraAgentSrv d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\RpcAgentSrv.exe
18:03:48.0297 0x10a8 SandraAgentSrv - detected UnsignedFile.Multi.Generic ( 1 )
18:03:50.0441 0x2010 Object send P2P result: true
18:03:50.0441 0x2010 Object required for P2P: [ EF1075935CEF62BD9D499A9BB0752EFC ] LavasoftAdAwareService11
18:03:50.0710 0x10a8 Detect skipped due to KSN trusted
18:03:50.0710 0x10a8 SandraAgentSrv - ok
18:03:50.0725 0x10a8 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
18:03:50.0741 0x10a8 sbp2port - ok
18:03:50.0757 0x10a8 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
18:03:50.0788 0x10a8 SCardSvr - ok
18:03:50.0788 0x10a8 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
18:03:50.0820 0x10a8 ScDeviceEnum - ok
18:03:50.0836 0x10a8 [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
18:03:50.0851 0x10a8 scfilter - ok
18:03:50.0883 0x10a8 [ 5A459E0585FF3A980D10604B6D4BA03D, 3DF9CB96258A44458DF98EA4C6D57342D1207B7BFB94174461B347BE3B5CA317 ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:03:50.0950 0x10a8 Schedule - ok
18:03:50.0962 0x10a8 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
18:03:50.0977 0x10a8 SCPolicySvc - ok
18:03:50.0993 0x10a8 [ E1137E39C3BB3EF9AF2243745D901D60, 0BE86E4E48DA6D25AF0E71F09E55A5C4E525C61831EDC5135DEB240CCD02335D ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
18:03:51.0009 0x10a8 sdbus - ok
18:03:51.0024 0x10a8 [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
18:03:51.0056 0x10a8 SDRSVC - ok
18:03:51.0056 0x10a8 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
18:03:51.0072 0x10a8 sdstor - ok
18:03:51.0088 0x10a8 [ 286450F698EBD81A8AC1B22CF6BABF11, ED05C2723FCD399FD085AE7AB1178D24F9745A4F31DD711DE896D15412B82BA2 ] seclogon C:\WINDOWS\system32\seclogon.dll
18:03:51.0103 0x10a8 seclogon - ok
18:03:51.0103 0x10a8 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll
18:03:51.0135 0x10a8 SENS - ok
18:03:51.0167 0x10a8 [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
18:03:51.0251 0x10a8 SensorDataService - ok
18:03:51.0267 0x10a8 [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService C:\WINDOWS\system32\SensorService.dll
18:03:51.0298 0x10a8 SensorService - ok
18:03:51.0314 0x10a8 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
18:03:51.0345 0x10a8 SensrSvc - ok
18:03:51.0345 0x10a8 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
18:03:51.0362 0x10a8 SerCx - ok
18:03:51.0377 0x10a8 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
18:03:51.0393 0x10a8 SerCx2 - ok
18:03:51.0393 0x10a8 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
18:03:51.0409 0x10a8 Serenum - ok
18:03:51.0424 0x10a8 [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial C:\WINDOWS\System32\drivers\serial.sys
18:03:51.0440 0x10a8 Serial - ok
18:03:51.0440 0x10a8 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
18:03:51.0471 0x10a8 sermouse - ok
18:03:51.0488 0x10a8 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll
18:03:51.0519 0x10a8 SessionEnv - ok
18:03:51.0519 0x10a8 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
18:03:51.0550 0x10a8 sfloppy - ok
18:03:51.0566 0x10a8 [ 2C7B006EB0B5479ED389D0CA5DE6AB83, 2E7C6E3E99A2668CB361A31567A4DB81021530E78213B39983D14197DB72E43C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:03:51.0597 0x10a8 SharedAccess - ok
18:03:51.0613 0x10a8 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:03:51.0675 0x10a8 ShellHWDetection - ok
18:03:51.0675 0x10a8 [ 62596AA6EBB6FAE14C8E84ABC4135171, 98E0E0C0FD1CDAC410F053AEDA22B37C7FAC8075B2D1D9D1B6CB651F55B5ACFB ] simptcp C:\WINDOWS\System32\tcpsvcs.exe
18:03:51.0694 0x10a8 simptcp - ok
18:03:51.0708 0x10a8 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
18:03:51.0723 0x10a8 SiSRaid2 - ok
18:03:51.0723 0x10a8 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
18:03:51.0739 0x10a8 SiSRaid4 - ok
18:03:51.0754 0x10a8 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll
18:03:51.0770 0x10a8 smphost - ok
18:03:51.0806 0x10a8 [ 0BA53B01A02848A1545E2A743FF17B2F, ADAD55B9E0172BD7FBA92C5CD4870419FE9EF16F907DA1EEF2A9AE6492DE1909 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
18:03:51.0852 0x10a8 SmsRouter - ok
18:03:51.0868 0x10a8 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
18:03:51.0896 0x10a8 SNMPTRAP - ok
18:03:51.0915 0x10a8 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
18:03:51.0945 0x10a8 spaceport - ok
18:03:51.0954 0x10a8 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
18:03:51.0969 0x10a8 SpbCx - ok
18:03:51.0996 0x10a8 [ DC520253EC32B515E7792DB05DB43EB2, 8A614286522CA637EF0D58F79143146D5FB40DCD0CA1333752989BCD51DE00C0 ] Spooler C:\WINDOWS\System32\spoolsv.exe
18:03:52.0048 0x10a8 Spooler - ok
18:03:52.0212 0x10a8 [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc C:\WINDOWS\system32\sppsvc.exe
18:03:52.0425 0x10a8 sppsvc - ok
18:03:52.0441 0x10a8 [ 7D67C07C63796775CC5492BCFEAFF125, BAEFF806F656FA252D1DBC1E21603CF5F7D54C5AFB3FC91F2723729A7740DF8A ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:03:52.0456 0x10a8 SQLBrowser - ok
18:03:52.0473 0x10a8 [ F98DDFBFE0EE66D4C4B00693512B9527, 322FF75D1CA460368FD72ADCD93273F1D5AA5CF2C4DF65A94BF9ABAA2E695150 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:03:52.0489 0x10a8 SQLWriter - ok
18:03:52.0504 0x10a8 [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:03:52.0536 0x10a8 srv - ok
18:03:52.0551 0x10a8 [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
18:03:52.0599 0x10a8 srv2 - ok
18:03:52.0615 0x10a8 [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:03:52.0630 0x10a8 srvnet - ok
18:03:52.0646 0x10a8 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:03:52.0677 0x10a8 SSDPSRV - ok
18:03:52.0677 0x10a8 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
18:03:52.0709 0x10a8 SstpSvc - ok
18:03:52.0725 0x10a8 [ 383C219BFA39703A5AF40F1636E3A7F8, D515E572EF440CAA5A97335421B284743A331827010EC854480E0234D58FEF43 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
18:03:52.0741 0x10a8 ssudmdm - ok
18:03:52.0804 0x10a8 [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
18:03:52.0930 0x10a8 StateRepository - ok
18:03:52.0961 0x10a8 [ 5852D5FADD589643B6C1B5BE9D257A50, 38DC6CEB0AA6AF4FD046A9CF7571E345E52D30471E248E2B99FC6D5622257145 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:03:52.0993 0x10a8 Steam Client Service - ok
18:03:53.0008 0x10a8 [ D2230317777033CD0456990BFC4994E5, 0F2F559593EAD7AB4596E67E9AE56E5ABF5C945201366CFC972357C22A4F776A ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:03:53.0024 0x2010 Object send P2P result: true
18:03:53.0025 0x2010 Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
18:03:53.0041 0x10a8 Stereo Service - ok
18:03:53.0041 0x10a8 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
18:03:53.0056 0x10a8 stexstor - ok
18:03:53.0072 0x10a8 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\WINDOWS\System32\wiaservc.dll
18:03:53.0119 0x10a8 stisvc - ok
18:03:53.0135 0x10a8 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
18:03:53.0151 0x10a8 storahci - ok
18:03:53.0151 0x10a8 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
18:03:53.0167 0x10a8 storflt - ok
18:03:53.0182 0x10a8 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
18:03:53.0198 0x10a8 stornvme - ok
18:03:53.0198 0x10a8 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
18:03:53.0213 0x10a8 storqosflt - ok
18:03:53.0246 0x10a8 [ B1305CDD98D5FC49863279D4B51DB510, 4B745E8D14591CA69429CA579467B9528B94C54EBD2FCFD446000C9C1BCB3B07 ] StorSvc C:\WINDOWS\system32\storsvc.dll
18:03:53.0277 0x10a8 StorSvc - ok
18:03:53.0293 0x10a8 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
18:03:53.0308 0x10a8 storufs - ok
18:03:53.0308 0x10a8 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
18:03:53.0324 0x10a8 storvsc - ok
18:03:53.0324 0x10a8 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll
18:03:53.0356 0x10a8 svsvc - ok
18:03:53.0356 0x10a8 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
18:03:53.0372 0x10a8 swenum - ok
18:03:53.0387 0x10a8 [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv C:\WINDOWS\System32\swprv.dll
18:03:53.0434 0x10a8 swprv - ok
18:03:53.0434 0x10a8 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
18:03:53.0450 0x10a8 Synth3dVsc - ok
18:03:53.0482 0x10a8 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll
18:03:53.0545 0x10a8 SysMain - ok
18:03:53.0560 0x10a8 [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:03:53.0592 0x10a8 SystemEventsBroker - ok
18:03:53.0608 0x10a8 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:03:53.0624 0x10a8 TabletInputService - ok
18:03:53.0639 0x10a8 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:03:53.0671 0x10a8 TapiSrv - ok
18:03:53.0687 0x10a8 [ 048CFE7569D6ADCAB9349BB1A566A79E, E248D2A66881FDFF9505896F383EFFEF2FD5AFC15D8992E653F5C31F1F80DAF3 ] tbhsd C:\WINDOWS\system32\drivers\tbhsd.sys
18:03:53.0687 0x10a8 tbhsd - ok
18:03:53.0750 0x10a8 [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
18:03:53.0844 0x10a8 Tcpip - ok
18:03:53.0908 0x10a8 [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
18:03:53.0986 0x10a8 Tcpip6 - ok
18:03:54.0002 0x10a8 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
18:03:54.0018 0x10a8 tcpipreg - ok
18:03:54.0034 0x10a8 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
18:03:54.0050 0x10a8 tdx - ok
18:03:54.0222 0x10a8 [ E72B44F86082DFE649CD991E3CD2F8B6, C5A1E53E41E48D3465A7D96886A1E5D1C3145C7E1A40FB74E3A05EDC2DA04F84 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
18:03:54.0412 0x10a8 TeamViewer - ok
18:03:54.0428 0x10a8 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
18:03:54.0443 0x10a8 terminpt - ok
18:03:54.0475 0x10a8 [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService C:\WINDOWS\System32\termsrv.dll
18:03:54.0538 0x10a8 TermService - ok
18:03:54.0538 0x10a8 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll
18:03:54.0570 0x10a8 Themes - ok
18:03:54.0586 0x10a8 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
18:03:54.0617 0x10a8 TieringEngineService - ok
18:03:54.0633 0x10a8 [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
18:03:54.0681 0x10a8 tiledatamodelsvc - ok
18:03:54.0681 0x10a8 [ 4BA0AB760971A0109A3442BD8B4F9AA0, 681171ECE155B7B1048525AA9BF14E4FDB437EE6BD91B6C5C9FFE122757D6BEB ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
18:03:54.0712 0x10a8 TimeBroker - ok
18:03:54.0712 0x10a8 [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
18:03:54.0743 0x10a8 TPM - ok
18:03:54.0743 0x10a8 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll
18:03:54.0774 0x10a8 TrkWks - ok
18:03:54.0794 0x10a8 [ 3E75A47D2DEFD2683DCA409572FBE8B2, 33964B1A05E045D3B878CDFD9F52A9086B4FA54D6D4D1DC38062D2874CACD4A0 ] Trufos C:\WINDOWS\system32\DRIVERS\Trufos.sys
18:03:54.0813 0x10a8 Trufos - ok
18:03:54.0813 0x10a8 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:03:54.0844 0x10a8 TrustedInstaller - ok
18:03:54.0844 0x10a8 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
18:03:54.0859 0x10a8 tsusbflt - ok
18:03:54.0875 0x10a8 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:03:54.0892 0x10a8 TsUsbGD - ok
18:03:54.0892 0x10a8 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
18:03:54.0923 0x10a8 tunnel - ok
18:03:54.0939 0x10a8 [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
18:03:54.0954 0x10a8 tzautoupdate - ok
18:03:54.0970 0x10a8 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
18:03:54.0970 0x10a8 uagp35 - ok
18:03:54.0985 0x10a8 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
18:03:55.0002 0x10a8 UASPStor - ok
18:03:55.0002 0x10a8 [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
18:03:55.0033 0x10a8 UcmCx0101 - ok
18:03:55.0033 0x10a8 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
18:03:55.0049 0x10a8 UcmUcsi - ok
18:03:55.0065 0x10a8 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
18:03:55.0080 0x10a8 Ucx01000 - ok
18:03:55.0096 0x10a8 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
18:03:55.0112 0x10a8 UdeCx - ok
18:03:55.0112 0x10a8 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
18:03:55.0144 0x10a8 udfs - ok
18:03:55.0159 0x10a8 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
18:03:55.0175 0x10a8 UEFI - ok
18:03:55.0175 0x10a8 [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
18:03:55.0206 0x10a8 Ufx01000 - ok
18:03:55.0206 0x10a8 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
18:03:55.0223 0x10a8 UfxChipidea - ok
18:03:55.0238 0x10a8 [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
18:03:55.0254 0x10a8 ufxsynopsys - ok
18:03:55.0270 0x10a8 [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
18:03:55.0285 0x10a8 UI0Detect - ok
18:03:55.0301 0x10a8 [ 5B99D25F5CA1F20CCED62381ED41793E, 672B40021E0C623ED8C7E3203261837B43A5EE750E59DAFC4D6EAC4911B12F44 ] UimBus C:\WINDOWS\System32\drivers\UimBus.sys
18:03:55.0301 0x10a8 UimBus - ok
18:03:55.0317 0x10a8 [ 67F428FA5F059A974529ECBA6A6C9D71, 912BCAEC818317AFD051351D5EAAF3B5EC8E5AD3CC9C1B8FC17F5DB78829615A ] Uim_DEVIM C:\WINDOWS\System32\drivers\uim_devim.sys
18:03:55.0333 0x10a8 Uim_DEVIM - ok
18:03:55.0349 0x10a8 [ 76E93AD89DEC20EE2AF99E17183F85AB, 4ED49ADA41FA2BFDCC11861241428E23E8396E72BE10929FF01F0FE48D3DF2C2 ] Uim_IM C:\WINDOWS\System32\drivers\uim_im.sys
18:03:55.0380 0x10a8 Uim_IM - ok
18:03:55.0396 0x10a8 [ 441E8BC5E68200038F0F1941A10C85F4, B93FB9DEC5365D526737A50C7958DB7441C515DF4AAACB6306998E18CF14F69B ] Uim_VIM C:\WINDOWS\System32\Drivers\uim_vimx64.sys
18:03:55.0411 0x10a8 Uim_VIM - ok
18:03:55.0427 0x10a8 [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
18:03:55.0444 0x10a8 uliagpkx - ok
18:03:55.0444 0x10a8 [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
18:03:55.0459 0x10a8 umbus - ok
18:03:55.0475 0x10a8 [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
18:03:55.0490 0x10a8 UmPass - ok
18:03:55.0490 0x10a8 [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
18:03:55.0522 0x10a8 UmRdpService - ok
18:03:55.0537 0x2010 Object send P2P result: true
18:03:55.0570 0x10a8 [ 87E291D9CC3ECE9AA56ABFD8063C4050, 781958969DB79454C91156473B4DA363F6D540D99974C2924ED81604CF45C3E0 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
18:03:55.0632 0x10a8 UnistoreSvc - ok
18:03:55.0680 0x10a8 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\WINDOWS\System32\upnphost.dll
18:03:55.0727 0x10a8 upnphost - ok
18:03:55.0727 0x10a8 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
18:03:55.0742 0x10a8 UrsChipidea - ok
18:03:55.0742 0x10a8 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
18:03:55.0758 0x10a8 UrsCx01000 - ok
18:03:55.0775 0x10a8 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
18:03:55.0790 0x10a8 UrsSynopsys - ok
18:03:55.0790 0x10a8 [ 9F9D5E2086BB9AEEA96E9BF73B7B2D32, AFA84CE1E96C07EBFB7A05D0181C876E027B848AF6C6DB932765912B814CAF56 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
18:03:55.0822 0x10a8 usbaudio - ok
18:03:55.0822 0x10a8 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
18:03:55.0837 0x10a8 usbccgp - ok
18:03:55.0853 0x10a8 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
18:03:55.0868 0x10a8 usbcir - ok
18:03:55.0885 0x10a8 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
18:03:55.0885 0x10a8 usbehci - ok
18:03:55.0916 0x10a8 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
18:03:55.0948 0x10a8 usbhub - ok
18:03:55.0963 0x10a8 [ 12A0B486EA13DF46C27B90CC2CE92FE5, 643D8B906F02FBC0802B3468C24D6C6A0BDB07FEA894B68E0F404AB5287C4409 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
18:03:55.0995 0x10a8 USBHUB3 - ok
18:03:55.0995 0x10a8 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
18:03:56.0011 0x10a8 usbohci - ok
18:03:56.0027 0x10a8 [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
18:03:56.0042 0x10a8 usbprint - ok
18:03:56.0042 0x10a8 [ CA6369870F91F3D367D26278E0AD0DDF, 651B97E73AFC615C80DE2076872DEB49DCD775B5C9988AB4AC0A0162DAB09F70 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
18:03:56.0058 0x10a8 usbser - ok
18:03:56.0074 0x10a8 [ 37C2CD8587BF7F785381EB7B26916B52, E8F65BF7BBDEF82BD97629921A1148304CA44DCD03E079E28D75D04244B71C39 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:03:56.0089 0x10a8 USBSTOR - ok
18:03:56.0089 0x10a8 [ 9FB923D198FB99A8AC93256AC453033B, DDD9AB09DE598C3AAFDDA51C4544F4851D86768A09F32DD42AA5D6E85307A7B9 ] usbUDisc C:\WINDOWS\System32\drivers\USBDrv_AMD64.sys
18:03:56.0106 0x10a8 usbUDisc - ok
18:03:56.0106 0x10a8 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
18:03:56.0121 0x10a8 usbuhci - ok
18:03:56.0137 0x10a8 [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
18:03:56.0168 0x10a8 usbvideo - ok
18:03:56.0169 0x10a8 [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:03:56.0206 0x10a8 USBXHCI - ok
18:03:56.0237 0x10a8 [ ED06681482E0B9B4D573684CD5FB18F5, 1CCFBD37F8B895900B860AAF107130C5890C01F5327A4AEBB910F6B2BB0BA61D ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
18:03:56.0316 0x10a8 UserDataSvc - ok
18:03:56.0379 0x10a8 [ CA902510DAF327CCFA59BCBFC00B3BAE, 3282993B28B64E2D7D4C94E5B2643431C96BF1AB30B48C30BED565F457D02B45 ] UserManager C:\WINDOWS\System32\usermgr.dll
18:03:56.0442 0x10a8 UserManager - ok
18:03:56.0458 0x10a8 [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc C:\WINDOWS\system32\usocore.dll
18:03:56.0489 0x10a8 UsoSvc - ok
18:03:56.0489 0x10a8 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe
18:03:56.0505 0x10a8 VaultSvc - ok
18:03:56.0520 0x10a8 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
18:03:56.0537 0x10a8 vdrvroot - ok
18:03:56.0562 0x10a8 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\WINDOWS\System32\vds.exe
18:03:56.0600 0x10a8 vds - ok
18:03:56.0615 0x10a8 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
18:03:56.0631 0x10a8 VerifierExt - ok
18:03:56.0663 0x10a8 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
18:03:56.0694 0x10a8 vhdmp - ok
18:03:56.0694 0x10a8 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\WINDOWS\System32\drivers\vhf.sys
18:03:56.0710 0x10a8 vhf - ok
18:03:56.0726 0x10a8 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
18:03:56.0741 0x10a8 vmbus - ok
18:03:56.0741 0x10a8 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
18:03:56.0758 0x10a8 VMBusHID - ok
18:03:56.0773 0x10a8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
18:03:56.0820 0x10a8 vmicguestinterface - ok
18:03:56.0836 0x10a8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
18:03:56.0868 0x10a8 vmicheartbeat - ok
18:03:56.0884 0x10a8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
18:03:56.0915 0x10a8 vmickvpexchange - ok
18:03:56.0931 0x10a8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
18:03:56.0962 0x10a8 vmicrdv - ok
18:03:56.0979 0x10a8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
18:03:57.0025 0x10a8 vmicshutdown - ok
18:03:57.0041 0x10a8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
18:03:57.0072 0x10a8 vmictimesync - ok
18:03:57.0088 0x10a8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll
18:03:57.0119 0x10a8 vmicvmsession - ok
18:03:57.0135 0x10a8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\WINDOWS\System32\ICSvc.dll
18:03:57.0166 0x10a8 vmicvss - ok
18:03:57.0182 0x10a8 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
18:03:57.0182 0x10a8 volmgr - ok
18:03:57.0198 0x10a8 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
18:03:57.0230 0x10a8 volmgrx - ok
18:03:57.0245 0x10a8 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
18:03:57.0276 0x10a8 volsnap - ok
18:03:57.0276 0x10a8 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
18:03:57.0292 0x10a8 vpci - ok
18:03:57.0308 0x10a8 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
18:03:57.0324 0x10a8 vsmraid - ok
18:03:57.0356 0x10a8 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\WINDOWS\system32\vssvc.exe
18:03:57.0435 0x10a8 VSS - ok
18:03:57.0450 0x10a8 [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
18:03:57.0482 0x10a8 VSTXRAID - ok
18:03:57.0482 0x10a8 [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
18:03:57.0513 0x10a8 vwifibus - ok
18:03:57.0513 0x10a8 [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
18:03:57.0529 0x10a8 vwififlt - ok
18:03:57.0545 0x10a8 [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
18:03:57.0561 0x10a8 vwifimp - ok
18:03:57.0576 0x10a8 [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time C:\WINDOWS\system32\w32time.dll
18:03:57.0623 0x10a8 W32Time - ok
18:03:57.0623 0x10a8 [ CDA9A00B16808D7A5BBB66287B89EE21, B25F98F26B0153E5DD5C744539CB6ACAFAA13E0F7B5D140C1844158B79BC9006 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
18:03:57.0655 0x10a8 w3logsvc - ok
18:03:57.0671 0x10a8 [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll
18:03:57.0702 0x10a8 W3SVC - ok
18:03:57.0718 0x10a8 [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
18:03:57.0734 0x10a8 WacomPen - ok
18:03:57.0750 0x10a8 [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService C:\WINDOWS\system32\WalletService.dll
18:03:57.0781 0x10a8 WalletService - ok
18:03:57.0797 0x10a8 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:03:57.0813 0x10a8 wanarp - ok
18:03:57.0828 0x10a8 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:03:57.0844 0x10a8 wanarpv6 - ok
18:03:57.0860 0x10a8 [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
18:03:57.0892 0x10a8 WAS - ok
18:03:57.0939 0x10a8 [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine C:\WINDOWS\system32\wbengine.exe
18:03:58.0018 0x10a8 wbengine - ok
18:03:58.0033 0x10a8 [ 6950271D0C75A33BD05F7155EF1B2DD4, C6959972D490710CA7539EA8F51B5CC1FA64FF9799242075719C4FD394B6F9C7 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
18:03:58.0081 0x10a8 WbioSrvc - ok
18:03:58.0097 0x10a8 [ 39E07EE74F50C39C1EB315152F03199C, 053562C2656A76265AE09045952A4C9473BE2B4426D9ECC1A025ED4BC204AC25 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
18:03:58.0144 0x10a8 Wcmsvc - ok
18:03:58.0159 0x10a8 [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
18:03:58.0207 0x10a8 wcncsvc - ok
18:03:58.0207 0x10a8 [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
18:03:58.0223 0x10a8 WcsPlugInService - ok
18:03:58.0254 0x10a8 [ 6211C43075D3538ADBF344F77C1A337C, 1B4F21358C0ED8666213F897F7F254985E8666AC14568157A7143DD3DC9B2ADF ] WDBackup C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
18:03:58.0302 0x10a8 WDBackup - ok
18:03:58.0302 0x10a8 [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
18:03:58.0318 0x10a8 WdBoot - ok
18:03:58.0333 0x10a8 [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys
18:03:58.0349 0x10a8 WDC_SAM - ok
18:03:58.0365 0x10a8 [ 4FF0B0152F9D669258F8692C047B03B1, E88398364405BFD13B91565E032C8FA2E9EF348C20B5295157683D6228E84786 ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
18:03:58.0380 0x10a8 WDDriveService - ok
18:03:58.0396 0x10a8 [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
18:03:58.0444 0x10a8 Wdf01000 - ok
18:03:58.0444 0x10a8 [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
18:03:58.0475 0x10a8 WdFilter - ok
18:03:58.0475 0x10a8 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
18:03:58.0506 0x10a8 WdiServiceHost - ok
18:03:58.0506 0x10a8 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
18:03:58.0538 0x10a8 WdiSystemHost - ok
18:03:58.0570 0x10a8 [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
18:03:58.0601 0x10a8 wdiwifi - ok
18:03:58.0617 0x10a8 [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
18:03:58.0633 0x10a8 WdNisDrv - ok
18:03:58.0633 0x10a8 WdNisSvc - ok
18:03:58.0649 0x10a8 [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:03:58.0680 0x10a8 WebClient - ok
18:03:58.0696 0x10a8 [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
18:03:58.0727 0x10a8 Wecsvc - ok
18:03:58.0727 0x10a8 [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
18:03:58.0744 0x10a8 WEPHOSTSVC - ok
18:03:58.0759 0x10a8 [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
18:03:58.0790 0x10a8 wercplsupport - ok
18:03:58.0790 0x10a8 [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
18:03:58.0822 0x10a8 WerSvc - ok
18:03:58.0837 0x10a8 [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
18:03:58.0854 0x10a8 WFPLWFS - ok
18:03:58.0870 0x10a8 [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
18:03:58.0885 0x10a8 WiaRpc - ok
18:03:58.0885 0x10a8 [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
18:03:58.0901 0x10a8 WIMMount - ok
18:03:58.0901 0x10a8 WinDefend - ok
18:03:58.0932 0x10a8 [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
18:03:58.0948 0x10a8 WindowsTrustedRT - ok
18:03:58.0948 0x10a8 [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
18:03:58.0964 0x10a8 WindowsTrustedRTProxy - ok
18:03:58.0980 0x10a8 [ 1859EEE0BAFDF8F20B7B3C40708B1CD3, C17792B9B41D384751A601A3B2CC3C35089257C6D4B63FC5CC0ABC7A34814688 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:03:59.0027 0x10a8 WinHttpAutoProxySvc - ok
18:03:59.0042 0x10a8 [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
18:03:59.0058 0x10a8 WinMad - ok
18:03:59.0075 0x10a8 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:03:59.0090 0x10a8 Winmgmt - ok
18:03:59.0168 0x10a8 [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
18:03:59.0279 0x10a8 WinRM - ok
18:03:59.0295 0x10a8 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
18:03:59.0311 0x10a8 WINUSB - ok
18:03:59.0327 0x10a8 [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
18:03:59.0342 0x10a8 WinVerbs - ok
18:03:59.0406 0x10a8 [ EF0A5EFFBC78F7677D3591BB58AC5A52, 0860B9D0F1A1FFE14F1A0FDFD3B66C90CED90092D9CF9AA35D6D6D088E2DC4A9 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
18:03:59.0516 0x10a8 WlanSvc - ok
18:03:59.0563 0x10a8 [ 58A8B8B2A343829602AC105F66988583, 46D142A3A7D74F6383B8D7E642E796535CE15BEDAF82AEFB4BEF46F0355411FD ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
18:03:59.0673 0x10a8 wlidsvc - ok
18:03:59.0682 0x10a8 [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
18:03:59.0689 0x10a8 WmiAcpi - ok
18:03:59.0705 0x10a8 [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:03:59.0737 0x10a8 wmiApSrv - ok
18:03:59.0737 0x10a8 WMPNetworkSvc - ok
18:03:59.0753 0x10a8 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
18:03:59.0768 0x10a8 Wof - ok
18:03:59.0815 0x10a8 [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
18:03:59.0910 0x10a8 workfolderssvc - ok
18:03:59.0925 0x10a8 [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
18:03:59.0941 0x10a8 wpcfltr - ok
18:03:59.0941 0x10a8 [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
18:03:59.0973 0x10a8 WPDBusEnum - ok
18:03:59.0973 0x10a8 [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:03:59.0989 0x10a8 WpdUpFltr - ok
18:03:59.0989 0x10a8 [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService C:\WINDOWS\system32\WpnService.dll
18:04:00.0020 0x10a8 WpnService - ok
18:04:00.0020 0x10a8 [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:04:00.0036 0x10a8 ws2ifsl - ok
18:04:00.0060 0x10a8 [ FB45052D7C13963465DFF8D56746B10B, 21B0DC0D383061CEF079586AE8E2FD5E8BBA22B8494666F14D5A8591275943E5 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
18:04:00.0077 0x10a8 wscsvc - ok
18:04:00.0092 0x10a8 WSearch - ok
18:04:00.0171 0x10a8 [ A904D7950ED275273357AA7B1EAE445F, 0E41EA26A923FCE7072CC7DDDDB852E54C95992E01A79C67D1D544B1CB1E18DA ] WSService C:\WINDOWS\System32\WSService.dll
18:04:00.0297 0x10a8 WSService - ok
18:04:00.0375 0x10a8 [ C2D78B6667E0341802C4F38E9C02F93D, D2639EF935C5C5BCFECF1BDACC1BA480786A810084EEB62B7C5A0E57618FCCE1 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
18:04:00.0470 0x10a8 wuauserv - ok
18:04:00.0486 0x10a8 [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
18:04:00.0502 0x10a8 WudfPf - ok
18:04:00.0518 0x10a8 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys
18:04:00.0549 0x10a8 WUDFRd - ok
18:04:00.0549 0x10a8 [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
18:04:00.0565 0x10a8 wudfsvc - ok
18:04:00.0581 0x10a8 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:04:00.0612 0x10a8 WUDFWpdFs - ok
18:04:00.0644 0x10a8 [ 2D7E3C2913AAE063774795E6790BCC48, 686CF1CE1CF2553236E0983CBF283D841FB5FBB998C33D97FBB5D7A83EF83867 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
18:04:00.0707 0x10a8 WwanSvc - ok
18:04:00.0739 0x10a8 [ 7443938BC4B8DCE1D8E6C51BC3F9DBFE, F2D41BFB2303AEAE39A33E6873A9C07DEF9090CA6D5602B2D232C59D1899D620 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
18:04:00.0786 0x10a8 XblAuthManager - ok
18:04:00.0834 0x10a8 [ FACC53D144952319038FAE7442FCC045, 8BCA4ADC5162FC12AF2A88A8A570DA9DAB80AE9B62C873A2121EBAF8AA9FBA98 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
18:04:00.0896 0x10a8 XblGameSave - ok
18:04:00.0896 0x10a8 [ 80BC02A73A3949A7AEF34791206C7D7F, 41E547EFC722D3E01CD8E261FA233D8C799FC59A9C5320B7FD65B09831373CDB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
18:04:00.0927 0x10a8 xboxgip - ok
18:04:00.0960 0x10a8 [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
18:04:01.0022 0x10a8 XboxNetApiSvc - ok
18:04:01.0022 0x10a8 [ 1F1EF8E701859581251B52035C1C1CEF, 3A7D3EC619A7F45FBB04EDA6963E3C55DC50358CF2D71ED66EE4BB07ACC0EE3C ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
18:04:01.0038 0x10a8 xinputhid - ok
18:04:01.0054 0x10a8 ================ Scan global ===============================
18:04:01.0054 0x10a8 [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll
18:04:01.0070 0x10a8 [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
18:04:01.0086 0x10a8 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
18:04:01.0101 0x10a8 [ 2AB2C72D88CE2BC73E6F708D0B1A9657, 8DF9D8C83BC2078D88FE7B2E9CDD5ABA9A2075F40D30CD344595DA217ECCCB3B ] C:\WINDOWS\system32\services.exe
18:04:01.0117 0x10a8 [ Global ] - ok
18:04:01.0117 0x10a8 ================ Scan MBR ==================================
18:04:01.0117 0x10a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:04:01.0353 0x10a8 \Device\Harddisk0\DR0 - ok
18:04:01.0353 0x10a8 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
18:04:01.0464 0x10a8 \Device\Harddisk1\DR1 - ok
18:04:01.0464 0x10a8 ================ Scan VBR ==================================
18:04:01.0464 0x10a8 [ 2A2831071D1217E553F136A1CD111BDD ] \Device\Harddisk0\DR0\Partition1
18:04:01.0511 0x10a8 \Device\Harddisk0\DR0\Partition1 - ok
18:04:01.0527 0x10a8 [ 10D5C1515FA9DA74F69F9E2471AE3E3F ] \Device\Harddisk0\DR0\Partition2
18:04:01.0590 0x10a8 \Device\Harddisk0\DR0\Partition2 - ok
18:04:01.0590 0x10a8 [ 480BDA8D1115751CCE73079F499F788B ] \Device\Harddisk0\DR0\Partition3
18:04:01.0653 0x10a8 \Device\Harddisk0\DR0\Partition3 - ok
18:04:01.0653 0x10a8 [ D6935C7988861D5CF6985DDBDE9F8B3B ] \Device\Harddisk1\DR1\Partition1
18:04:01.0653 0x10a8 \Device\Harddisk1\DR1\Partition1 - ok
18:04:01.0653 0x10a8 ================ Scan generic autorun ======================
18:04:01.0669 0x10a8 [ 968EDA6EA6E00DFAE78586BFA6322B74, 8F3A01704E67D2F9212A08F0D5B4FF15DEE4791E1BB303DF4C9CF7DD3871E6E5 ] C:\VIA_XHCI\usb3Monitor.exe
18:04:01.0684 0x10a8 VIAxHCUtl - detected UnsignedFile.Multi.Generic ( 1 )
18:04:04.0680 0x10a8 Detect skipped due to KSN trusted
18:04:04.0680 0x10a8 VIAxHCUtl - ok
18:04:04.0744 0x10a8 [ A0012C1D9B8648C20C00202418B9D02F, 833AFB6BCABBF9991C811D6D1BF2C7B95A584F46D93C6B3F49CA2A8A6BE5E657 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:04:04.0807 0x10a8 NvBackend - ok
18:04:04.0823 0x10a8 [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\Windows\system32\rundll32.exe
18:04:04.0854 0x10a8 ShadowPlay - ok
18:04:04.0854 0x10a8 [ 5917DC01B9AC1FD64136D4691FFC7987, 8AAB5E31A4F4056843EC0896BF3F0A91604FF39F4AD439F64D2E882E72511A98 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
18:04:04.0870 0x10a8 Classic Start Menu - ok
18:04:04.0917 0x10a8 [ C7F017C9B163E7DAB864649E8241F683, F007F107FCA0E3A12D7E900101EBF02C2453D4AA56BE18769E86B592C88C5106 ] D:\Program Files\iTunes\iTunesHelper.exe
18:04:04.0933 0x10a8 iTunesHelper - ok
18:04:05.0075 0x10a8 [ 25218B917E6C638A5A0257BBAF3AF7DB, 7DC4D65462D45CE4230300555C5EE666729179F135C720B2B79DC8409743A0F7 ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
18:04:05.0232 0x10a8 WD Quick View - ok
18:04:05.0295 0x10a8 [ 0610E1989914B6DA54165A4F2C766721, CFFDCA465C9A6988A747C08346B9A122A4DB08AACE42B8AEB4AE410981044892 ] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
18:04:05.0342 0x10a8 WD Drive Unlocker - ok
18:04:05.0359 0x10a8 [ 793D7221E5EC69EA615349A13B702B8C, 1545C9634A6599FE4B35419B1B40932797FE2E7DF0B5F27D6698810CC075CF86 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:04:05.0390 0x10a8 SunJavaUpdateSched - ok
18:04:05.0437 0x10a8 [ DB20FE51008B4030B8C1570C4E80A7FE, A4E14ED94D0DE3CFE0DC26DC33AEB7B4B8522C9E6F4BB628290AA772DC6A5779 ] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
18:04:05.0501 0x10a8 DriveUtilitiesHelper - ok
18:04:05.0516 0x10a8 [ 3405A4A63018892F31E61C01E9A0313E, 49B2102C3593270DAD15548D1FB2C7E36A65419AA7AE057AB1F0B6A80365B1F6 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
18:04:05.0516 0x10a8 Avira SystrayStartTrigger - ok
18:04:05.0547 0x10a8 [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
18:04:05.0580 0x10a8 avgnt - ok
18:04:05.0784 0x10a8 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:04:06.0006 0x10a8 OneDriveSetup - ok
18:04:06.0211 0x10a8 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:04:06.0400 0x10a8 OneDriveSetup - ok
18:04:06.0416 0x10a8 Lync - ok
18:04:06.0447 0x10a8 [ 17A2A23B6701404FD9D33FB1D8956001, 63A8905CBDAB7ED74D2305E9D3B910AC01161C06051A1A1EF7FF78546F32CF8C ] D:\Program Files (x86)\No-IP\DUC40.exe
18:04:06.0464 0x10a8 NoIPDUCv4 - detected UnsignedFile.Multi.Generic ( 1 )
18:04:07.0250 0x16b0 Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
18:04:09.0353 0x10a8 Detect skipped due to KSN trusted
18:04:09.0353 0x10a8 NoIPDUCv4 - ok
18:04:09.0384 0x10a8 [ BC49C6D6DC13F0AEEDC12264B7C9D4BE, BF50D3AB2AD246318D0B2CC01BFBA76AF6C9AC5AA41A807521ABA1E478C8CCF5 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:04:09.0416 0x10a8 CFA4BAFF5696A87DDBFEBDBB843936345DB9A8D9._service_run - ok
18:04:09.0494 0x10a8 [ B8C93930C5F4F8C8EC46BFACD32078ED, C219B07C13DE0C45CB0D51CCD6971A389DCEDA316964CCBBF4F87CA60B31D01A ] C:\Users\Peter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
18:04:09.0589 0x10a8 Amazon Cloud Player - ok
18:04:09.0605 0x10a8 GoogleDriveSync - ok
18:04:09.0637 0x10a8 [ F6041A72058ADD22166C31B5FD5E919C, 3B10A1273C7E687B1C2D5895B576D4786E4D051E06D001F7B7B969401C58FD2D ] C:\Users\Peter\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
18:04:09.0684 0x10a8 Spotify Web Helper - ok
18:04:09.0684 0x10a8 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Peter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
18:04:09.0699 0x10a8 Dropbox Update - ok
18:04:09.0858 0x10a8 [ 1D80C2AA59CFD761B362BE0C2A9A6600, D2D8C93DDD99791101C15C67CB3BD89400515AFD498B93EAF30E4A385488A5FC ] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
18:04:10.0030 0x10a8 Plex Media Server - ok
18:04:10.0062 0x10a8 [ 3946B4FF12067113680EE9D61A1716EE, 408E05A05B0190840735DDF1B428C21ED2493C62D33B7DA69EAD54F718084240 ] C:\Program Files (x86)\ASUS\PC Link\PCLink.exe
18:04:10.0078 0x10a8 PCLink - ok
18:04:10.0204 0x10a8 [ 5353A34090BABE3CD48B70569AF0DD12, A211D0B06DC05BFCBD13EBC71275C644B7616E95485ED8336DEFF257B7AE7E80 ] D:\Program Files (x86)\Steam\steam.exe
18:04:10.0299 0x10a8 Steam - ok
18:04:10.0315 0x10a8 [ 2010CA459E5EC8F9D5FC8B000D130294, 058FF215A3AAD04F2A4CF23B2CC62A5EA28F5A705EFA689DCE9126720CF33229 ] C:\Users\Peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe
18:04:10.0346 0x10a8 OneDrive - ok
18:04:10.0409 0x16b0 Object send P2P result: true
18:04:10.0409 0x16b0 Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
18:04:10.0535 0x10a8 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:04:10.0724 0x10a8 OneDriveSetup - ok
18:04:10.0756 0x10a8 [ CB396B37F21C205F00ACE39CF999295A, FD8CB2426D4B9F13480DD823F0479E75316F6486262E88E420398A2C7AB91F57 ] C:\Program Files (x86)\Windows Mail\wab.exe
18:04:10.0803 0x10a8 WAB Migrate - ok
18:04:10.0803 0x10a8 Waiting for KSN requests completion. In queue: 176
18:04:11.0246 0x09f0 Object required for P2P: [ 793D7221E5EC69EA615349A13B702B8C ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:04:11.0813 0x10a8 Waiting for KSN requests completion. In queue: 170
18:04:12.0822 0x10a8 Waiting for KSN requests completion. In queue: 170
18:04:13.0617 0x16b0 Object send P2P result: true
18:04:13.0632 0x16b0 Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
18:04:13.0838 0x10a8 Waiting for KSN requests completion. In queue: 84
18:04:13.0900 0x2274 Object required for P2P: [ 5353A34090BABE3CD48B70569AF0DD12 ] D:\Program Files (x86)\Steam\steam.exe
18:04:14.0331 0x09f0 Object send P2P result: true
18:04:14.0331 0x09f0 Object required for P2P: [ 3405A4A63018892F31E61C01E9A0313E ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
18:04:14.0852 0x10a8 Waiting for KSN requests completion. In queue: 76
18:04:15.0866 0x10a8 Waiting for KSN requests completion. In queue: 76
18:04:16.0829 0x16b0 Object send P2P result: true
18:04:16.0875 0x10a8 Waiting for KSN requests completion. In queue: 8
18:04:17.0128 0x2274 Object send P2P result: true
18:04:17.0128 0x2274 Object required for P2P: [ 2010CA459E5EC8F9D5FC8B000D130294 ] C:\Users\Peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe
18:04:17.0586 0x09f0 Object send P2P result: true
18:04:17.0884 0x10a8 Waiting for KSN requests completion. In queue: 2
18:04:18.0894 0x10a8 Waiting for KSN requests completion. In queue: 2
18:04:19.0903 0x10a8 Waiting for KSN requests completion. In queue: 2
18:04:20.0425 0x2274 Object send P2P result: true
18:04:20.0977 0x10a8 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
18:04:20.0993 0x10a8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
18:04:20.0993 0x10a8 AV detected via SS2: Ad-Aware Antivirus, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareSecurityCenter.exe ( 11.9.696.8769 ), 0x40010 ( disabled : outofdate )
18:04:20.0993 0x10a8 FW detected via SS2: Ad-Aware Firewall, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareSecurityCenter.exe ( 11.9.696.8769 ), 0x40010 ( disabled )
18:04:21.0008 0x10a8 Win FW state via NFP2: enabled ( trusted )
18:04:23.0404 0x10a8 ============================================================
18:04:23.0404 0x10a8 Scan finished
18:04:23.0404 0x10a8 ============================================================
18:04:23.0405 0x0ae0 Detected object count: 1
18:04:23.0405 0x0ae0 Actual detected object count: 1
18:05:20.0429 0x0ae0 PhatHack Serial Driver ( UnsignedFile.Multi.Generic ) - skipped by user
18:05:20.0429 0x0ae0 PhatHack Serial Driver ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:09:07.0457 0x10b4 Deinitialize success
|
|
06.01.2016, 19:10
| #5 |
| /// TB-Ausbilder | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite Servus, Mehrere Anti-Virus-Programme Code:
ATTFilter Ad-Aware AntiVirus
Avira
Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast. Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers |
|
06.01.2016, 19:59
| #6 |
| | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite Hallo, Erstmal danke für deine geduld Ich hab Avira deinstalliert und Ad-Aware draufgelassen. Reicht eigentlich der Windows Defender auch? Ich hab mit mbar nur system gescanned (also Haken bei Drivers und Sectors rausgemacht) -> Keine Malware gefunden.. Scanne grade nochmal mit allem angehakt.. scan finished. No malware found Geändert von Clusterix (06.01.2016 um 20:52 Uhr) |
|
07.01.2016, 13:41
| #7 |
| /// TB-Ausbilder | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite Servus, ich verwende selbst den Windows Defender, klar genügt der auch. Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
07.01.2016, 15:16
| #8 |
| | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite Servus Matthias, here we go: Code:
ATTFilter # AdwCleaner v5.028 - Bericht erstellt am 07/01/2016 um 14:24:17
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 10 Pro (x64)
# Benutzername : Peter - BEDA-AIO
# Gestartet von : C:\Users\Peter\Desktop\AdwCleaner_5.028.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\adawarebp
***** [ Internetbrowser ] *****
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : search.conduit.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : search.surfcanyon.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : conduit.search
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : istartsurf
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : search.icq.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : istartsurf.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : de.search.yahoo.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : omniboxes
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : kerbal-space-program.softonic.de
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : ask.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : aol.com
[C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gefunden : fmlgoencnlndpglbocajlimaikjohmab
########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [2432 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 07.01.2016 Suchlaufzeit: 14:37 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.01.07.03 Rootkit-Datenbank: v2016.01.05.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Peter Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 445554 Abgelaufene Zeit: 10 Min., 25 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Pro x64
Ran by Peter (Administrator) on 07.01.2016 at 15:01:15,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.01.2016 at 15:03:37,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
07.01.2016, 15:18
| #9 |
| | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite hier die FRST dateien |
|
07.01.2016, 17:34
| #10 |
| /// TB-Ausbilder | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite Servus, Schritt 1 Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann. Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ und speichere die Datei auf deinem Desktop.
Schritt 2 Downloade dir ZHPCleaner auf deinen Desktop.
Schritt 3
Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche? In welchem Browser treten eventuelle Probleme auf?Bitte poste mit deiner nächsten Antwort
|
|
07.01.2016, 19:19
| #11 |
| | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite Servus Matthias, hab mir leider auf der französischen Seite von ZHPCleaner aus Versehen den installer runtergeladen (hatte zwar einiges abgewählt gehabt, als er aber nicht installiert wurde, wurde mir das klar, dass ich toolbars o.Ä installiert hab  was jetzt aber nicht so das problem sein sollte ;9)Nichtsdestotrotz ist das popup pünktlich um 19:10 wieder gekommen (man kann anhaken und bei ok auf ...jmp2.in.. und von da auf nen mcafeestore weitergeleitet, hab mal ein Bild angehängt) Code:
ATTFilter Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Peter on 07.01.2016 at 17:57:24,35.
Microsoft Windows 10 Pro 10.0.10586 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Peter\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
07.01.2016 17:59:32 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== FireFox Fix ======================
Deleted from C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\vudtmujw.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://google.de");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\vudtmujw.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\vudtmujw.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\vudtmujw.default
- Segurana do navegador Avira - %ProfilePath%\extensions\abs@avira.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\vudtmujw.default
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
88C9284589B5AEEF93AAF8016BA1290D - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll - Microsoft Office 2013
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
"Search Page"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
"Search Page"="https://search.avira.net/#web/result?source=art&q="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences.bak was reset successfully
C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
==== shortcuts on Users Desktops ======================
C:\Users\Peter\Desktop\ALF-BanCo 4.lnk - D:\Program Files (x86)\ALFBanCo4\AlfBanCo4.exe
C:\Users\Peter\Desktop\Amazon Cloud Player.lnk - C:\Users\Peter\AppData\Local\Amazon Cloud Player\Amazon Cloud Player.exe
C:\Users\Peter\Desktop\Beda - Verknüpfung.lnk -
C:\Users\Peter\Desktop\DiskBoss.lnk - D:\Program Files (x86)\DiskBoss\bin\diskbsg.exe
C:\Users\Peter\Desktop\Dropbox.lnk - C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Peter\Desktop\Easy Poster Printer.lnk - C:\Users\Peter\AppData\Roaming\Microsoft\Installer\{1B5979B5-FE79-405A-A023-592DCE48C522}\_98DB30F986FCF6D1CB2D3C.exe
C:\Users\Peter\Desktop\Godmode.lnk - C:\Windows\explorer.exe
C:\Users\Peter\Desktop\Google Drive.lnk - C:\Users\Peter\Google Drive
C:\Users\Peter\Desktop\HE Laserscan V.lnk - C:\Users\Peter\AppData\Roaming\Microsoft\Installer\{4CAF1B06-DD5A-4DE1-A41A-0111C2F4226C}\_38cb61a.exe
C:\Users\Peter\Desktop\Helium Music Manager 10.lnk - D:\Program Files (x86)\Intermedia Software\Helium 10\helium10.exe
C:\Users\Peter\Desktop\IrfanView Thumbnails.lnk - D:\Program Files (x86)\IrfanView\i_view32.exe
C:\Users\Peter\Desktop\IrfanView.lnk - D:\Program Files (x86)\IrfanView\i_view32.exe
C:\Users\Peter\Desktop\KENWOOD Music Editor Light.lnk - D:\Program Files (x86)\KENWOOD\KENWOOD Music Editor Light\KMELight.exe
C:\Users\Peter\Desktop\MP3 Repair Tool.lnk - C:\Program Files (x86)\Aspect one\MP3 Repair Tool\MP3RepairTool.exe
C:\Users\Peter\Desktop\MusicBee.lnk - D:\Program Files (x86)\MusicBee\MusicBee.exe
C:\Users\Peter\Desktop\MusicBrainz Picard.lnk - D:\Program Files (x86)\MusicBrainz Picard\picard.exe
C:\Users\Peter\Desktop\MyPhoneExplorer.lnk - D:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe
C:\Users\Peter\Desktop\Notepad++.lnk - D:\Program Files (x86)\Notepad++\notepad++.exe
C:\Users\Peter\Desktop\OneDrive - Verknüpfung.lnk -
C:\Users\Peter\Desktop\Spotify.lnk - C:\Users\Peter\AppData\Roaming\Spotify\spotify.exe
C:\Users\Peter\Desktop\TagScanner.lnk - D:\Program Files (x86)\TagScanner\Tagscan.exe
C:\Users\Peter\Desktop\Total Commander 64 bit.lnk - D:\Program Files\totalcmd\TOTALCMD64.EXE
C:\Users\Peter\Desktop\Zettelabgabe.lnk - C:\Users\Public\Documents\Zettelabgabe.xlsx
C:\Users\Peter\Desktop\µTorrent.lnk -
C:\Users\Peter\Desktop\Anti Malware\Ad-Aware Antivirus.lnk - C:\Program Files (x86)\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareDesktop.exe
C:\Users\Peter\Desktop\Anti Malware\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Peter\Desktop\Anti Malware\ Malwarebytes Anti-Malware .lnk - D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
C:\Users\Peter\Desktop\Anti Malware\Spybot-S&D Start Center.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
C:\Users\Public\Desktop\ALF-BanCo 5.lnk - D:\Program Files (x86)\ALFBanCo5\AlfBanCo5.exe
C:\Users\Public\Desktop\ALF-BanCo 6.lnk - D:\Program Files (x86)\ALFBanCo6\AlfBanCo6.exe
C:\Users\Public\Desktop\AllDup.lnk - D:\Program Files (x86)\AllDup\AllDup.exe
C:\Users\Public\Desktop\Ashampoo Music Studio 6.lnk - D:\Program Files (x86)\Ashampoo\Ashampoo Music Studio 6\MusicStudio.exe
C:\Users\Public\Desktop\Audials 11.lnk - D:\Program Files (x86)\Audials\Audials 11\AudialsStarter.exe
C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk - D:\Program Files (x86)\Avidemux 2.6\avidemux.exe
C:\Users\Public\Desktop\BanCo-Ticker 6.lnk - D:\Program Files (x86)\ALFBanCo6\BanCoTicker6.exe
C:\Users\Public\Desktop\BanCo-Ticker.lnk - D:\Program Files (x86)\ALFBanCo5\BanCoTicker5.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CDBurnerXP.lnk - D:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Public\Desktop\Data Migration.lnk - C:\Program Files (x86)\Samsung\Samsung Data Migration\Data Migration.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document
C:\Users\Public\Desktop\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\Users\Public\Desktop\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation
C:\Users\Public\Desktop\HDD Guardian.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\hddguardian.exe
C:\Users\Public\Desktop\HTC Sync Manager.lnk - D:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
C:\Users\Public\Desktop\IIDSC Recorder.lnk - D:\Program Files (x86)\IIDSC_Project\IIDSC_Recorder\IIDSC Recorder.exe
C:\Users\Public\Desktop\ImgBurn.lnk - D:\Program Files (x86)\ImgBurn\ImgBurn.exe
C:\Users\Public\Desktop\iTunes.lnk - D:\Program Files\iTunes\iTunes.exe
C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk - D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
C:\Users\Public\Desktop\MediaMonkey.lnk - D:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Mp3tag.lnk - D:\Program Files (x86)\Mp3tag\Mp3tag.exe
C:\Users\Public\Desktop\MyPhoneExplorer.lnk - D:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe
C:\Users\Public\Desktop\Paragon Backup and Recovery™ 12 Home.lnk -
C:\Users\Public\Desktop\PC Link.lnk - C:\Program Files (x86)\ASUS\PC Link\PCLink.exe
C:\Users\Public\Desktop\PhoenixSuit.lnk - C:\Windows\Installer\{EBF1BED9-4321-40D7-8837-177AE54C457C}\_204CCD2E1213AA4E8B3BAD.exe
C:\Users\Public\Desktop\PokerStars.eu.lnk - D:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
C:\Users\Public\Desktop\Samsung Magician.lnk - D:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Users\Public\Desktop\SeaTools for Windows.lnk - D:\Program Files (x86)\Seagate\SeaTools for Windows\SeaToolsforWindows.exe
C:\Users\Public\Desktop\SiSoftware Sandra Lite 2016.RTM.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\sandra.exe
C:\Users\Public\Desktop\SSD Fresh.lnk - D:\Program Files (x86)\SSD Fresh\SSDFresh.exe
C:\Users\Public\Desktop\Steam.lnk - D:\Program Files (x86)\Steam\Steam.exe
C:\Users\Public\Desktop\TeamViewer 11.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Users\Public\Desktop\VLC media player.lnk - D:\Program Files\VideoLAN\VLC\vlc.exe
C:\Users\Public\Desktop\WD Drive Utilities.lnk - C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe
C:\Users\Public\Desktop\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Public\Desktop\YouTube Song Downloader.lnk - D:\Program Files (x86)\YouTube Song Downloader\YouTubeSongDownloader.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk - page=SettingsPageAppsDefaults
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk - page=SettingsPagePCSystemDevices
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk - page=SettingsPageAppsDefaults
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk - page=SettingsPagePCSystemDevices
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk - page=SettingsPageAppsDefaults
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk - page=SettingsPagePCSystemDevices
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy Poster Printer.lnk - C:\Users\Peter\AppData\Roaming\Microsoft\Installer\{1B5979B5-FE79-405A-A023-592DCE48C522}\_1C3B36736D8B29B25AABB8.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk - C:\Windows\System32\fodhelper.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\WINDOWS\system32\narrator.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\WINDOWS\system32\osk.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - D:\Program Files (x86)\Steam\Steam.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk - page=SettingsPageAppsDefaults
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk - page=SettingsPagePCSystemDevices
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk - C:\WINDOWS\DevicesFlow\DevicesFlow.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk - C:\WINDOWS\System32\Control.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk - C:\WINDOWS\MiracastView\MiracastView.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk - C:\WINDOWS\PrintDialog\PrintDialog.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk - C:\WINDOWS\system32\rundll32.exe -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk - C:\WINDOWS\Speech\Common\sapisvr.exe -SpeechUX
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk - C:\WINDOWS\system32\mspaint.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\WINDOWS\system32\mstsc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk - C:\WINDOWS\system32\psr.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk - C:\WINDOWS\system32\xpsrchvw.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk - C:\WINDOWS\system32\charmap.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk - C:\WINDOWS\system32\comexp.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk - C:\WINDOWS\system32\compmgmt.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk - C:\WINDOWS\system32\dfrgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk - C:\WINDOWS\system32\cleanmgr.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk - C:\WINDOWS\system32\eventvwr.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\IIS Manager.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk - C:\WINDOWS\system32\iscsicpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk - C:\WINDOWS\syswow64\odbcad32.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk - C:\WINDOWS\system32\odbcad32.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk - C:\WINDOWS\system32\perfmon.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk - C:\WINDOWS\system32\perfmon.exe /res
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk - C:\WINDOWS\system32\services.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk - C:\WINDOWS\system32\msinfo32.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk - C:\WINDOWS\system32\taskschd.msc /s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk - C:\WINDOWS\system32\WF.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\ALF-BanCo 5 entfernen.lnk - D:\Program Files (x86)\ALFBanCo5\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\ALF-BanCo 5.lnk - D:\Program Files (x86)\ALFBanCo5\AlfBanCo5.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Auf Update prüfen.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\BanCo-Ticker.lnk - D:\Program Files (x86)\ALFBanCo5\BanCoTicker5.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Datensicherung.lnk - D:\Program Files (x86)\ALFBanCo5\AlfHbBackup5.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Fernwartung.lnk - D:\Program Files (x86)\ALFBanCo5\AlfBanCo_Fernwartung.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Handbuch.lnk - D:\Program Files (x86)\ALFBanCo5\Daten\ALF-BanCo5Hilfe.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Kartenleser einrichten.lnk - D:\Program Files (x86)\ALFBanCo5\AlfCTInst5.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Konvertierung alter Daten.lnk - D:\Program Files (x86)\ALFBanCo5\BanCo5Convert.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 5\Support-Tool.lnk - D:\Program Files (x86)\ALFBanCo5\AlfSupport5.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\ALF-BanCo 6 entfernen.lnk - D:\Program Files (x86)\ALFBanCo6\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\ALF-BanCo 6.lnk - D:\Program Files (x86)\ALFBanCo6\AlfBanCo6.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Auf Update prüfen.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\BanCo-Ticker.lnk - D:\Program Files (x86)\ALFBanCo6\BanCoTicker6.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Datensicherung.lnk - D:\Program Files (x86)\ALFBanCo6\AlfHbBackup6.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Fernwartung.lnk - D:\Program Files (x86)\ALFBanCo6\AlfBanCo_Fernwartung.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Handbuch.lnk - D:\Program Files (x86)\ALFBanCo6\Daten\ALF-BanCo6Handbuch.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Kartenleser einrichten.lnk - D:\Program Files (x86)\ALFBanCo6\AlfCTInst6.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Konvertierung alter Daten.lnk - D:\Program Files (x86)\ALFBanCo6\BanCo6Convert.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALF-BanCo 6\Support-Tool.lnk - D:\Program Files (x86)\ALFBanCo6\AlfSupport6.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals\Linux Reader\DiskInternals Linux Reader.lnk - D:\Program Files (x86)\DiskInternals\LinuxReader\LinuxReader64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals\Linux Reader\DiskInternals Research.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals\Linux Reader\Documentation.lnk - D:\Program Files (x86)\DiskInternals\LinuxReader\help.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals\Linux Reader\Uninstall.lnk - D:\Program Files (x86)\DiskInternals\LinuxReader\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.2\HDD Guardian 0.6.2 Deinstallation.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.2\HDD Guardian Toolbox.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\toolbox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.2\HDD Guardian.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\hddguardian.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.2\License.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\License.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.2\Logical Disk Monitor.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\ldm.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Guardian 0.6.2\Translation Tool.lnk - D:\Program Files (x86)\HDD Guardian 0.6.2\Languages\translationtool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IIDSC Project\IIDSC Recorder\Uninstall IIDSC Recorder.lnk - D:\Program Files (x86)\IIDSC_Project\IIDSC_Recorder\msiexec.exe /x {02AB6049-EA12-4FFE-AF3C-159C28FEE0C8}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IIS\IIS Client Manager.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - D:\Program Files\iTunes\iTunes.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk - C:\Program Files\Java\jre1.8.0_66\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk - C:\Program Files\Java\jre1.8.0_66\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk - C:\Program Files\Java\jdk1.7.0_51\bin\jmc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Referenzdokumentation.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware entfernen.lnk - D:\Program Files (x86)\ Malwarebytes Anti-Malware \unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware Notifications.lnk - D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware .lnk - D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Tools\Malwarebytes Anti-Malware Chameleon.lnk - D:\Program Files (x86)\ Malwarebytes Anti-Malware \Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\outlook.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Data Migration\Data Migration.lnk - C:\Program Files (x86)\Samsung\Samsung Data Migration\Data Migration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician entfernen.lnk - D:\Program Files (x86)\Samsung\Samsung Magician\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician\Samsung Magician.lnk - D:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\SeaTools for Windows.lnk - D:\Program Files (x86)\Seagate\SeaTools for Windows\SeaToolsforWindows.exe d:\Program Files (x86)\Seagate\SeaTools for Windows\STX_Oz_multi.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\Uninstall.lnk - D:\Program Files (x86)\Seagate\SeaTools for Windows\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Deinstalliere Sandra.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Dokumentation.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\sandra.07.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\SiSoftware Sandra Lite 2016.RTM.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\sandra.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Beispielskripte\Analyse-Skript.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\Analysis Script.sis
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Beispielskripte\Burn-in Skript.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\Burn Script.sis
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Beispielskripte\Skript zur Berichtserzeugung.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\Report Script.sis
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Beispielskripte\Skript zur Umgebungsueberwachung.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\Monitor Script.sis
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Berichtsbeispiele\Bericht im HTML-Format.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\System Report.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Berichtsbeispiele\Bericht im MIF-Format.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\System Report.mif
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Berichtsbeispiele\Bericht im Text-Format.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\System Report.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Berichtsbeispiele\Bericht im XML-Format.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\System Report.xml
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Datenbank-Schemata\Access Schema.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\Access Schema.mdb
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Datenbank-Schemata\mySQL Schema.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\mySQL Schema.sql
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Datenbank-Schemata\Oracle Schema.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\Oracle Schema.sql
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Datenbank-Schemata\SQL Server-Schema.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\Examples\SQL Server Schema.sql
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\ Bestellen Sie die Vollversion, um weitere Features freizuschalten.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\order.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\Bestellen Sie die Vollversion für gewerbliche Nutzung, um weitere Features freizuschalten.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\SiSoftware @ Facebook.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\facebook.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\SiSoftware @ Twitter.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\twitter.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\SiSoftware im Internet.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\sisoftware.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\SiSoftware Preisvergleich.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\shop.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware\Internet-Links\Statistiken und Bewertungen.lnk - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2016.RTM\ranks.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSD Fresh\SSD Fresh.lnk - D:\Program Files (x86)\SSD Fresh\SSDFresh.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - D:\Program Files (x86)\Steam\Steam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk - C:\WINDOWS\system32\control.exe /name Microsoft.DefaultPrograms
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk - C:\WINDOWS\system32\taskmgr.exe /7
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Utilities.lnk - C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Data Lifeguard Diagnostic for Windows.lnk - D:\Program Files (x86)\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\WinDlg.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Help Documentation.lnk - D:\Program Files (x86)\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\help.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\Uninstall Data Lifeguard Diagnostic for Windows.lnk - D:\Program Files (x86)\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\unins000.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk - D:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Helium Music Manager 10.lnk - D:\Program Files (x86)\Intermedia Software\Helium 10\helium10.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk - D:\Program Files (x86)\ImgBurn\ImgBurn.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MP3 Repair Tool.lnk - C:\Program Files (x86)\Aspect one\MP3 Repair Tool\MP3RepairTool.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.eu.lnk - D:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Magician.lnk - D:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f966724577ef19eb\PokerStars.EU.lnk - D:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\EXCEL.EXE
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PokerStars.eu.lnk - D:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Total Commander 64 bit.lnk - D:\Program Files\totalcmd\TOTALCMD64.EXE
C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\WINWORD.EXE
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== After Reboot ======================
==== Deleting Files / Folders ======================
"C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
==== EOF on 07.01.2016 at 18:03:07,02 ======================
Code:
ATTFilter ~ ZHPCleaner v2016.1.7.4 by Nicolas Coolman (2016/01/07)
~ Run by Peter (Administrator) (07/01/2016 18:48:12)
~ Site : hxxp://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\Peter\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Peter\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 10586)
---\\ Dienst. (0)
~ Alle bösartigen oder unnötige Element gefunden.
---\\ Browser. (1)
GEFUNDEN Chrome Secure Preferences: "hxxp://www.palikan.com/?f=7&a=plk_bimmed_16_01&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyC0CtD0F0Dzy0EtD0FtN0D0Tzu0StCyEyCyBtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1RtN1L1G1B1V1N2Y1L1Qzu2SyDyCyCyEzytD0DyDtGyB0D0EtDtGtAzz0EtCtGtAyE0C0FtGyD0B0B0FyDtCyD0B0C0A0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzz0AtBzzyC0EyEtGzzzyzzyEtGyE0CtC0CtG0B0B0CyDtG0EyC0F0C0EtBtAzyyB0CtD0F2QtN0A0LzutB&cr=2053927448&ir=" =>PUP.Optional.GoPalikan
---\\ Datei Host. (2)
GEFUNDEN:
~ Anzahl der Weiterleitungen gefunden1/20
---\\ Geplante Tasks (1)
GEFUNDEN task: [Go_Palikan] [C:\WINDOWS\Tasks\Go_Palikan.job] =>PUP.Optional.GoPalikan
---\\ Explorer (Ordner, Dateien). (6)
GEFUNDEN Datei: C:\Windows\Tasks\Go_Palikan.job =>PUP.Optional.GoPalikan
GEFUNDEN Datei: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage =>PUP.Optional.Generic
GEFUNDEN Datei: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal =>PUP.Optional.Generic
GEFUNDEN Datei: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.cinemaxx.de_0.localstorage =>PUP.Optional.CrossRider
GEFUNDEN Datei: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.cinemaxx.de_0.localstorage-journal =>PUP.Optional.CrossRider
GEFUNDEN Ordner: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>PUP.Optional.DomaIQ
---\\ Registrierung (Schlüssel, Werte, Daten). (7)
GEFUNDEN key: HKEY_USERS\S-1-5-21-3036239713-1774766366-4091503571-1001\SOFTWARE\Ad-Aware Search Protection [] =>PUP.Optional.Spigot
GEFUNDEN key: HKCU\Software\Ad-Aware Search Protection [] =>PUP.Optional.Spigot
GEFUNDEN key: HKCU\Software\AppDataLow\Software\adawarebp [] =>PUP.Optional.ToolbarCleaner
GEFUNDEN key: HKCU\Software\undefined [] =>.Superfluous.Downloader
GEFUNDEN key: HKCU\Software\ProductSetup [] =>Adware.InstallCore
GEFUNDEN key: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0AFDD62D45EFE8155993FD43457FC680 [C:\Program Files (x86)\Plex\Plex Media Server\Resources\Plug-ins-8403350\Media-Flags.bundle\Contents\Resources\Studio\cinemax.png] =>PUP.Optional.CrossRider
GEFUNDEN key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} [C:\Program Files (x86)\Toolbar Cleaner (Not File)] =>PUP.Optional.ToolbarCleaner
---\\ Zusammenfassung der Elemente gefunden auf Ihrer workstation (8)
hxxp://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.GoPalikan
hxxp://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Generic
hxxp://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider
hxxp://www.nicolascoolman.fr/?p=679 =>PUP.Optional.DomaIQ
hxxp://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Spigot
hxxp://www.nicolascoolman.fr/?p=712 =>PUP.Optional.ToolbarCleaner
hxxp://www.nicolascoolman.fr/?p=4664 =>.Superfluous.Downloader
hxxp://www.nicolascoolman.fr/?p=279 =>Adware.InstallCore
---\\Reparieren Check
~ keine Reparaturen.
---\\Statistiken
~ Elemente gescannt : 108742
~ Einträge gefunden : 19
~ Elemente abgesagt : 0
~ Elemente repariert : 0
~ End of search in 00h07mn52s
===================
ZHPCleaner-[S]-07012016-18_56_04.txt
|
|
08.01.2016, 16:13
| #12 |
| /// TB-Ausbilder | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite Servus, so, jetzt denk ich hab ichs.  Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
FF NewTab: about:newtab
Task: {1993C654-7DD8-4014-B83D-4DFBDD76ED70} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Keine Datei <==== ACHTUNG
Task: {1A354996-AFA2-4306-BDDE-8807C8F680E5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {2B9FC618-4740-4540-A2D9-446805A5DECA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {2BC47E4C-3D7E-4C45-B668-38E38AFBE5DC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2E4F0410-E617-42D7-AE6C-44C57A304D40} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3E03D51B-7D82-46C9-A06A-A6E34152211D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6EEA3EA5-7F5D-47BB-ABD9-580A0FA90150} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {7781DD59-D58B-4354-AB7C-774E743F1173} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7CB75333-C611-4E11-A2F2-BFACF36A6A5F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8BD00CCA-B537-4771-A49D-8D3FEB27DBE9} - System32\Tasks\Backup Update Service => p:\\jmp2.in\
Task: {9740C194-09ED-4026-876C-404A51AA2A47} - System32\Tasks\Go_Palikan => C:\Users\Peter\AppData\Local\{76B040EC-5218-2C54-3F80-09BC1BE8F524}\uninstall.exe [2016-01-07] ()
C:\Users\Peter\AppData\Local\{76B040EC-5218-2C54-3F80-09BC1BE8F524}
Task: {C1FA49B7-C25D-4BAF-8E71-3F48830D67D2} - \Win Update Service -> Keine Datei <==== ACHTUNG
Task: {C82D4EC4-7BEE-42F7-9866-33BA0B12B91F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E0A7DA6B-92C0-455F-BDF0-D5C55147AC55} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F3EF753A-7B45-44F2-8076-4398EB84EDF0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Go_Palikan.job =>
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Dann nochmal AdwCleaner und Malwarebytes' Anti-Malware ausführen und beide Logdateien posten. Schritt 3 Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop: SystemLook (32 bit) | SystemLook (64 bit)
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
08.01.2016, 22:30
| #13 |
| | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite Hallo Matthias, sry wegen der Unachtsamkeit mit dem Palikan... und danke dass du dir soviel Zeit nimmst Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von Peter (2016-01-08 21:05:17) Run:1
Gestartet von C:\Users\Peter\Desktop\Anti Malware
Geladene Profile: Peter (Verfügbare Profile: Peter & DefaultAppPool)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
FF NewTab: about:newtab
Task: {1993C654-7DD8-4014-B83D-4DFBDD76ED70} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Keine Datei <==== ACHTUNG
Task: {1A354996-AFA2-4306-BDDE-8807C8F680E5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {2B9FC618-4740-4540-A2D9-446805A5DECA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {2BC47E4C-3D7E-4C45-B668-38E38AFBE5DC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2E4F0410-E617-42D7-AE6C-44C57A304D40} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3E03D51B-7D82-46C9-A06A-A6E34152211D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6EEA3EA5-7F5D-47BB-ABD9-580A0FA90150} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {7781DD59-D58B-4354-AB7C-774E743F1173} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7CB75333-C611-4E11-A2F2-BFACF36A6A5F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8BD00CCA-B537-4771-A49D-8D3FEB27DBE9} - System32\Tasks\Backup Update Service => p:\\jmp2.in\
Task: {9740C194-09ED-4026-876C-404A51AA2A47} - System32\Tasks\Go_Palikan => C:\Users\Peter\AppData\Local\{76B040EC-5218-2C54-3F80-09BC1BE8F524}\uninstall.exe [2016-01-07] ()
C:\Users\Peter\AppData\Local\{76B040EC-5218-2C54-3F80-09BC1BE8F524}
Task: {C1FA49B7-C25D-4BAF-8E71-3F48830D67D2} - \Win Update Service -> Keine Datei <==== ACHTUNG
Task: {C82D4EC4-7BEE-42F7-9866-33BA0B12B91F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E0A7DA6B-92C0-455F-BDF0-D5C55147AC55} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F3EF753A-7B45-44F2-8076-4398EB84EDF0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Go_Palikan.job =>
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************
Prozess erfolgreich geschlossen.
Firefox "newtab" erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1993C654-7DD8-4014-B83D-4DFBDD76ED70}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1993C654-7DD8-4014-B83D-4DFBDD76ED70}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A354996-AFA2-4306-BDDE-8807C8F680E5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A354996-AFA2-4306-BDDE-8807C8F680E5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B9FC618-4740-4540-A2D9-446805A5DECA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B9FC618-4740-4540-A2D9-446805A5DECA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BC47E4C-3D7E-4C45-B668-38E38AFBE5DC}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BC47E4C-3D7E-4C45-B668-38E38AFBE5DC}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2E4F0410-E617-42D7-AE6C-44C57A304D40}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E4F0410-E617-42D7-AE6C-44C57A304D40}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E03D51B-7D82-46C9-A06A-A6E34152211D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E03D51B-7D82-46C9-A06A-A6E34152211D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EEA3EA5-7F5D-47BB-ABD9-580A0FA90150}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EEA3EA5-7F5D-47BB-ABD9-580A0FA90150}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7781DD59-D58B-4354-AB7C-774E743F1173}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7781DD59-D58B-4354-AB7C-774E743F1173}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CB75333-C611-4E11-A2F2-BFACF36A6A5F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CB75333-C611-4E11-A2F2-BFACF36A6A5F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BD00CCA-B537-4771-A49D-8D3FEB27DBE9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BD00CCA-B537-4771-A49D-8D3FEB27DBE9}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Backup Update Service => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Backup Update Service" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9740C194-09ED-4026-876C-404A51AA2A47} => Schlüssel nicht gefunden.
C:\WINDOWS\System32\Tasks\Go_Palikan => nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Go_Palikan => Schlüssel nicht gefunden.
C:\Users\Peter\AppData\Local\{76B040EC-5218-2C54-3F80-09BC1BE8F524} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1FA49B7-C25D-4BAF-8E71-3F48830D67D2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1FA49B7-C25D-4BAF-8E71-3F48830D67D2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Win Update Service" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C82D4EC4-7BEE-42F7-9866-33BA0B12B91F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C82D4EC4-7BEE-42F7-9866-33BA0B12B91F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0A7DA6B-92C0-455F-BDF0-D5C55147AC55}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0A7DA6B-92C0-455F-BDF0-D5C55147AC55}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3EF753A-7B45-44F2-8076-4398EB84EDF0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3EF753A-7B45-44F2-8076-4398EB84EDF0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
Task: C:\WINDOWS\Tasks\Go_Palikan.job => => nicht gefunden.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3036239713-1774766366-4091503571-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3036239713-1774766366-4091503571-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl�sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.
========= Ende von CMD: =========
EmptyTemp: => 787.4 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 21:05:53 ====
Code:
ATTFilter # AdwCleaner v5.028 - Bericht erstellt am 08/01/2016 um 21:27:25
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 10 Pro (x64)
# Benutzername : Peter - BEDA-AIO
# Gestartet von : C:\Users\Peter\Desktop\AdwCleaner_5.028.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
[-] [C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : fmlgoencnlndpglbocajlimaikjohmab
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C12].txt - [941 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 08.01.2016 Suchlaufzeit: 21:32 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.01.08.06 Rootkit-Datenbank: v2016.01.05.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Peter Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 443370 Abgelaufene Zeit: 16 Min., 40 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 21:56 on 08/01/2016 by Peter
Administrator - Elevation successful
========== filefind ==========
Searching for "*Palikan*"
No files found.
========== folderfind ==========
Searching for "*Palikan*"
No folders found.
========== regfind ==========
Searching for "Palikan"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5e7797ae-5ca1-4b50-95d8-97e746340487}\Instl\Data]
"hp_url"="hxxp://www.palikan.com/?f=1&a=plk_bimmed_16_01&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyC0CtD0F0Dzy0EtD0FtN0D0Tzu0StCyEyCyBtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1RtN1L1G1B1V1N2Y1L1Qzu2SyDyCyCyEzytD0DyDtGyB0D0EtDtGtAzz0EtCtGtAyE0C0FtGyD0B0B0FyDtCyD0B0C0A0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzz0AtBzzyC0EyEtGzzzyzzyEtGyE0CtC0CtG0B0B0CyDtG0EyC0F0C0EtBtAzyyB0CtD0F2QtN0A0LzutB&cr=2053927448&ir="
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\AppID\{5e7797ae-5ca1-4b50-95d8-97e746340487}\Instl\Data]
"hp_url"="hxxp://www.palikan.com/?f=1&a=plk_bimmed_16_01&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyC0CtD0F0Dzy0EtD0FtN0D0Tzu0StCyEyCyBtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1RtN1L1G1B1V1N2Y1L1Qzu2SyDyCyCyEzytD0DyDtGyB0D0EtDtGtAzz0EtCtGtAyE0C0FtGyD0B0B0FyDtCyD0B0C0A0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzz0AtBzzyC0EyEtGzzzyzzyEtGyE0CtC0CtG0B0B0CyDtG0EyC0F0C0EtBtAzyyB0CtD0F2QtN0A0LzutB&cr=2053927448&ir="
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\AppID\{5e7797ae-5ca1-4b50-95d8-97e746340487}\Instl\Data]
"hp_url"="hxxp://www.palikan.com/?f=1&a=plk_bimmed_16_01&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyC0CtD0F0Dzy0EtD0FtN0D0Tzu0StCyEyCyBtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1RtN1L1G1B1V1N2Y1L1Qzu2SyDyCyCyEzytD0DyDtGyB0D0EtDtGtAzz0EtCtGtAyE0C0FtGyD0B0B0FyDtCyD0B0C0A0B0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzz0AtBzzyC0EyEtGzzzyzzyEtGyE0CtC0CtG0B0B0CyDtG0EyC0F0C0EtBtAzyyB0CtD0F2QtN0A0LzutB&cr=2053927448&ir="
-= EOF =-
|
|
09.01.2016, 02:40
| #14 |
| | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite Hallo Matthias, jetzt sind vier xx:10 Uhr checkpoints durchgelaufen und es kam kein popup  sieht also diesbezüglich top aus!  Ich möchte dir sehr herzlich danken, für deinen Einsatz und deine Geduld! Danke, Danke, Danke!!! Was war das jetzt eigentlich genau und wie hab ich mir das eingefangen, weil scheints ist es ned so alltäglich, da man mit dem Problem keinen im Netz gefunden hat. Ich hoffe das mit dem palikan hat sich, oder wird sich schnell erledigen, merken tu ich im moment jedenfalls auch nichts mehr Viele Grüsse Peter |
|
09.01.2016, 10:21
| #15 |
| /// TB-Ausbilder | Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite Servus, auf deinem Rechner war noch etwas Adware, die haben wir jetzt entfernt. Ich würde gerne noch ein paar letzte Reste entfernen und einen Kontrollscan mit ESET durchführen, wenn das für dich ok ist. Wir sichern uns hier immer mehrfach ab, wir wollen ja, dass alles sauber ist. Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
DeleteKey: HKLM\SOFTWARE\Classes\AppID\{5e7797ae-5ca1-4b50-95d8-97e746340487}
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 ESET Online Scanner
Bitte poste mit deiner nächsten Antwort
|
|
| Themen zu Win 8.1 / Win10 stündlich xx:10 Uhr Popup wie soll linktyp geöffnet werden ->Weiterleitung Werbeseite |
| browser, dateiendung, erschein, erscheint, hilfe!, installier, installierte, kaufen, klicke, link, lösung, mcafee, popup, programm, scan, scanner, seite, stunde, update, virenscan, virenscanner, weiterleitung, werbeseite, win, windows |
Linear-Darstellung
